- simple
- one container
- non-root
- non-SQL
- for self-hosted
docker pull ray1ex/dnsrobocert-plus-nginx:latest
docker run -dit --restart unless-stopped \
-u 1000:1000 \
-p 80:10080 -p 443:10443 -p 22:10022 \
-v /your/path/config:/config \
-v /your/path/data:/data \
-v /your/path/logs:/logs \
--name dnsrobocert-plus-nginx ray1ex/dnsrobocert-plus-nginx
draft: false
acme:
email_account: your@email.com
staging: false
profiles:
- name: cloudflare
provider: cloudflare
provider_options:
auth_token: token-token
sleep_time: 45
max_checks: 5
certificates:
- domains:
- example.com
- "*.example.com"
profile: cloudflare
Ref:
[ssl_cert]
default_ssl_cert_domain = "example.com"
[[http_server]]
server_name = "www.example.com"
listen = 10080
listen_ssl = 10443
proxy_pass = "http://172.17.0.1:8000"
[[http_server]]
server_name = "www2.example.com"
listen = 10080
listen_ssl = 10443
root_path = "root /mnt/www/www2.example.com"
[[http_upstream]]
name = "upstream_websocket"
content = """
least_conn;
server 127.0.0.1:8081;
server 127.0.0.1:8082;
"""
[[http_server]]
server_name = "ws.example.com"
listen = 10080
proxy_pass = "upstream_websocket"
support_websocket = true
[[stream_server]]
comment = "ssh"
listen = 10022
proxy_pass = "192.168.1.1:22"
part | dir |
---|---|
http_upstream | /data/nginx/http_upstream.d |
http_server | /data/nginx/http_server.d |
stream_upstream | /data/nginx/stream_upstream.d |
stream_server | /data/nginx/stream_server.d |
Please http2
turn off all services under the same port, which is a feature of NGINX.
python -m plush generate --nginx-conf-dir /tmp --config-nginx-toml examples/nginx.toml
logrotate --debug /etc/logrotate.conf
- 统一日志输出
- nginx 启动前尝试验证配置文件