Docker 安装运行 Rancher（并配置HTTPS） 配置域名访问

在服务器使用docker 启动 ranhcer

docker run -d --restart=unless-stopped --name=rancher -p 8001:80 -p 8002:443 rancher/rancher

我的服务器ip是 115.159.52.223:8002

启动之后能够使用 https://115.159.52.223:8002/ 访问到rancher服务

下面是nginx的配置 代理 文件 监听80端口 如果来访的域名是  rancher.mczaiyun.top 则将根目录代理到

https://115.159.52.223:8002

注意末尾没有  /

map $http_upgrade $connection_upgrade {
        default Upgrade;
        ''      close;
}


server {
    listen               443 ssl;
    server_name          rancher.mczaiyun.top;

    ssl_certificate      /etc/nginx/cert/rancher.mczaiyun.top.pem;
    ssl_certificate_key  /etc/nginx/cert/rancher.mczaiyun.top.key;

    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    add_header Access-Control-Allow-Origin *;
    
    location / {
        proxy_pass https://115.159.52.223:8002;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_read_timeout 900s;
    }   
}

如果要用上面这段配置 你只需要改以下四处就行了 你的域名，你的SSL证书  你要代理的真正的地址

 server_name          rancher.mczaiyun.top;

 ssl_certificate      /etc/nginx/cert/rancher.mczaiyun.top.pem;
 ssl_certificate_key  /etc/nginx/cert/rancher.mczaiyun.top.key;

 proxy_pass https://115.159.52.223:8002; 

下面这段代码是代理socket的服务

map $http_upgrade $connection_upgrade {
        default Upgrade;
        ''      close;
}

......

 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection $connection_upgrade;

欢迎访问我的ranhcer 服务

rancher.mczaiyun.top