Rails – 使用Phusion Passenger在Docker容器内部启用Nginx
在我的应用程序中启用https时遇到问题。 我设法使其不用ssl工作,但在尝试了其他教程后,似乎没有为我工作。 我会尽量保持代码简短,并分享最重要的部分。
Dockerfile
FROM phusion/passenger-customizable RUN apt-get update && apt-get install -y \ dialog \ net-tools \ build-essential \ wget \ libpq-dev \ git \ nginx nginx-extras\ rsync \ bzip2 \ && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* RUN rm -f /etc/service/nginx/down RUN rm /etc/nginx/sites-enabled/default ADD config/nginx/nginx.conf /etc/nginx/sites-enabled/nginx.conf ADD config/nginx/fullchain.pem /etc/nginx/ssl/fullchain.pem ADD config/nginx/privkey.pem /etc/nginx/ssl/privkey.pem ADD config/nginx/rails-env.conf /etc/nginx/main.d/rails-env.conf ADD config/nginx/postgres-env.conf /etc/nginx/main.d/postgres-env.conf 泊坞窗,compose.yml
web-production: &web-production <<: *web ports: - '80:80' - '443:443' expose: - '80' - '443' command: passenger start -p 443 -b '0.0.0.0' environment: RACK_ENV: production RAILS_ENV: production
nginx.conf
server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; listen 443 ssl; passenger_app_env production; passenger_enabled on; passenger_user app; passenger_ruby /usr/bin/ruby2.3; ssl_certificate "/etc/nginx/ssl/fullchain.pem"; ssl_certificate_key "/etc/nginx/ssl/privkey.pem"; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP; ssl_prefer_server_ciphers on; }
application.rb中
config.middleware.use Rack::SslEnforcer, :only_environments => ['production', /^QA/]
我使用certbot生成了我的证书。
我目前的堆栈:
- 泊坞窗/撰写
- Rails 4.2
- Ruby 2.3
- Nginx的