Nginx介绍
不介绍了吧,著名的web 服务器反向代理等,我为啥要用,就是防止别人用IP访问,
这个别人你猜是谁? 只有知道域名+端口才可以访问,用IP+端口啥也没有...
你猜猜为啥要这个功能?
为什么UI
一直以来我都喜欢编辑配置文件,现在好像老了
docker安装
docker run -dit \
--name=nginx-ui \
--restart=always \
-e TZ=Asia/Shanghai \
-v /opt/docker-data/nginx-ui/conf.d:/etc/nginx \
-v /opt/docker-data/nginx-ui/:/etc/nginx-ui \
-p 2080:80 -p 2443:443 \
uozi/nginx-ui:latest配置
- 修改
conf.d/nginx-ui.conf
主要是用域名才能访问配置界面
## 修改 server_name 后面的网址
server {
listen 80;
server_name xxx.hello-kitty.com ; # your domain here
client_max_body_size 128M; # maximum upload size
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:9000/;
}
}
## 加上下面内容(不允许IP访问)
server {
listen 80 default_server;
listen [::]:80 default_server;
server_tokens off;
return 444;
}
然后,您就自由配置
nginx-ui 加上 php74的支持
x86的 cat Dockerfile
# i # Docker继承 nginx+nginxui+php+mysql+sqlite容器 (x86)
# 使用 nginx-ui 作为基础镜像
FROM uozi/nginx-ui
# 设置工作目录
WORKDIR /app
# 更新源并安装软件包
RUN apt-get update && apt-get install -y \
software-properties-common ca-certificates lsb-release apt-transport-https \
&& echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list \
&& wget -qO - https://packages.sury.org/php/apt.gpg | apt-key add - \
&& apt-get update \
&& apt-get install -y \
php7.4-fpm \
php7.4-ctype \
php7.4-curl \
php7.4-dom \
php7.4-fileinfo \
php7.4-ftp \
php7.4-iconv \
php7.4-json \
php7.4-mbstring \
php7.4-mysql \
php7.4-mysqlnd \
php7.4-pdo \
php7.4-pdo-sqlite \
php7.4-phar \
php7.4-posix \
php7.4-readline \
php7.4-gd \
php7.4-simplexml \
php7.4-sqlite3 \
php7.4-tokenizer \
php7.4-xml \
php7.4-xmlreader \
php7.4-xmlwriter \
# 清理 apt 缓存
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
## 添加PHP自启动
&& sed -i '/nginx -g "daemon off;"/d' /etc/s6-overlay/s6-rc.d/nginx/run \
&& echo 'php-fpm7.4' >> /etc/s6-overlay/s6-rc.d/nginx/run \
&& echo 'chmod 777 /run/php/php7.4-fpm.sock' >> /etc/s6-overlay/s6-rc.d/nginx/run \
&& echo 'nginx -g "daemon off;"' >> /etc/s6-overlay/s6-rc.d/nginx/run
arm的版本cat Dockerfile
# i # Docker继承 nginx+nginxui+php+mysql+sqlite容器 (arm64)
# 使用 nginx-ui 作为基础镜像
FROM uozi/nginx-ui
# 设置工作目录
WORKDIR /app
# 更新源并安装软件包
RUN apt-get update && apt-get install -y \
lsb-release ca-certificates apt-transport-https software-properties-common \
&& wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg \
&& echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list \
&& apt-get update \
&& apt-get install -y \
php7.4-fpm \
php7.4-ctype \
php7.4-curl \
php7.4-dom \
php7.4-fileinfo \
php7.4-ftp \
php7.4-iconv \
php7.4-json \
php7.4-mbstring \
php7.4-mysql \
php7.4-mysqlnd \
php7.4-pdo \
php7.4-pdo-sqlite \
php7.4-phar \
php7.4-posix \
php7.4-readline \
php7.4-gd \
php7.4-simplexml \
php7.4-sqlite3 \
php7.4-tokenizer \
php7.4-xml \
php7.4-xmlreader \
php7.4-xmlwriter \
# 清理 apt 缓存
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
## 添加PHP自启动
&& sed -i '/nginx -g "daemon off;"/d' /etc/s6-overlay/s6-rc.d/nginx/run \
&& echo 'php-fpm7.4' >> /etc/s6-overlay/s6-rc.d/nginx/run \
&& echo 'chmod 777 /run/php/php7.4-fpm.sock' >> /etc/s6-overlay/s6-rc.d/nginx/run \
&& echo 'nginx -g "daemon off;"' >> /etc/s6-overlay/s6-rc.d/nginx/run
创建镜像
docker build --no-cache -t nginx-ui-php74 .
创建容器
docker run -dit \
--name=nginx-ui-php74 \
--restart=always \
-e TZ=Asia/Shanghai \
-v /home/docker/nginx-ui/conf.d:/etc/nginx \
-v /home/docker/nginx-ui/etc/:/etc/nginx-ui \
-v /docker/docker-data/nginx-ui/www/:/www \
-p 80:80 -p 443:443 \
nginx-ui-php74:latest
php等网页放在 /docker/docker-data/nginx-ui/www/
nginx-ui-php配置
server {
listen 80;
listen [::]:80;
server_name php.us.aico.vip;
root /etc/nginx-ui/www;
index index.php index.html index.htm;
location ~ .*\.php(\/.*)*$ {
# 开启 fastcgi 模式
#fastcgi_pass 172.17.0.1:9000;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location / {
index index.php
try_files $uri $uri/ /index.php?$query_string;
}
if (!-e $request_filename)
{
#rewrite ^(.*)$ /index.php$1 last;
#break;
}
}typecho 的配置
server {
listen 85; ## listen for ipv4; this line is default and implied
listen [::]:85 default ipv6only=on; ## listen for ipv6
root /app;
index index.php index.html index.htm;
location ~ .*\.php(\/.*)*$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
try_files $uri /index.php =404;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_connect_timeout 300;
fastcgi_read_timeout 600;
fastcgi_send_timeout 300;
fastcgi_buffer_size 256k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 768k;
fastcgi_temp_file_write_size 768k;
# Add the following line to get the client's real IP address
fastcgi_param REMOTE_ADDR $http_x_real_ip;
}
location / {
add_header X-Real-IP $proxy_add_x_forwarded_for;
index index.html index.php;
try_files $uri $uri/ /index.php?$query_string;
}
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|ttf|ttc|otf|eot|woff)$ {
try_files $uri /index.php?$query_string;
expires max;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
location ~* \.(?:css|js)$ {
try_files $uri /index.php?$query_string;
expires 1y;
add_header Cache-Control "public";
}
# deny access to . files, for security
location ~* (?:^|/)\. {
access_log off;
log_not_found off;
deny all;
}
location ~* (?:\.(?:bak|config|db|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
deny all;
access_log off;
log_not_found off;
}
}
自行制作精简版
采用 alpine, 大概200MB,但是尚未测试过.
# 基础镜像:Alpine 3.12(支持PHP7.2)
# arm32设备用 arm32v7/alpine:3.12,arm64用 arm64v8/alpine:3.12
FROM alpine:3.12
# 环境变量:时区和nginx-ui配置(使用tar.gz版本)
ENV TZ=Asia/Shanghai \
NGINX_UI_VERSION=v2.0.0-rc.4 \
NGINX_UI_ARCH=arm64-v8a
# 替换Alpine 3.12镜像源
RUN echo "http://mirrors.tuna.tsinghua.edu.cn/alpine/v3.12/main" > /etc/apk/repositories && \
echo "http://mirrors.tuna.tsinghua.edu.cn/alpine/v3.12/community" >> /etc/apk/repositories
# 安装依赖(增加tar工具用于解压)
RUN set -ex && \
apk add --no-cache --update \
nginx \
php \
php-fpm \
php-mysqli \
php-pdo_mysql \
php-sqlite3 \
php-json \
php-curl \
php-gd \
php-mbstring \
php-xml \
php-opcache \
mysql-client \
sqlite \
wget \
tar \
gzip \
tzdata && \
# 配置时区
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone && \
# 下载并解压nginx-ui(tar.gz格式)
wget -O /tmp/nginx-ui.tar.gz https://github.com/0xJacky/nginx-ui/releases/download/${NGINX_UI_VERSION}/nginx-ui-linux-${NGINX_UI_ARCH}.tar.gz && \
mkdir -p /usr/local/nginx-ui && \
tar -zxf /tmp/nginx-ui.tar.gz -C /usr/local/nginx-ui && \
chmod +x /usr/local/nginx-ui/nginx-ui && \
# 清理临时文件
rm -rf /tmp/* /var/cache/apk/* && \
# 创建必要目录
mkdir -p /var/www/html /var/log/nginx /var/run/php-fpm /etc/nginx/ui
# 复制配置文件(需提前准备)
COPY nginx.conf /etc/nginx/nginx.conf
COPY php-fpm.conf /etc/php7/php-fpm.conf
COPY default.conf /etc/nginx/conf.d/default.conf
# 暴露端口(Nginx 80,nginx-ui默认8080)
EXPOSE 80 8080
# 启动命令
CMD ["/bin/sh", "-c", "php-fpm7 && nginx -g 'daemon off;' & /usr/local/nginx-ui/nginx-ui --config /etc/nginx/ui/config.yaml"]
最后一次更新于2025-10-08
