From e4a61d9862e99a35367aeb77a34b92cf33acc31c Mon Sep 17 00:00:00 2001 From: xueqingkun Date: Mon, 4 Dec 2023 17:41:42 +0800 Subject: [PATCH] =?UTF-8?q?common=EF=BC=9A1.=20=E6=B7=BB=E5=8A=A0nginx=20D?= =?UTF-8?q?ockerfile?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docker/nginx/Dockerfile | 19 +++++++++++ docker/nginx/README.md | 3 ++ docker/nginx/docs/conf.d/default.conf | 40 ++++++++++++++++++++++ docker/nginx/docs/conf.d/https.conf | 49 +++++++++++++++++++++++++++ docker/nginx/docs/ssl/cert.pem | 21 ++++++++++++ docker/nginx/docs/ssl/csr.pem | 17 ++++++++++ docker/nginx/docs/ssl/key.pem | 28 +++++++++++++++ virtual-patient-rasa/Dockerfile | 4 +-- 8 files changed, 179 insertions(+), 2 deletions(-) create mode 100644 docker/nginx/Dockerfile create mode 100644 docker/nginx/README.md create mode 100644 docker/nginx/docs/conf.d/default.conf create mode 100644 docker/nginx/docs/conf.d/https.conf create mode 100644 docker/nginx/docs/ssl/cert.pem create mode 100644 docker/nginx/docs/ssl/csr.pem create mode 100644 docker/nginx/docs/ssl/key.pem diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile new file mode 100644 index 00000000..feeaae0c --- /dev/null +++ b/docker/nginx/Dockerfile @@ -0,0 +1,19 @@ +# 设置基础镜像 +# 在137服务器中使用的是 rasa_dev:1.0.0镜像 +FROM nginx:1.25 + +ENV APP_HOME=/data/vp + +# 设置工作目录 +WORKDIR $APP_HOME + +# 复制java jar 到容器中 +COPY ./docs/conf.d /etc/nginx/conf.d +# 复制rasa配置文件到 rasa目录下 +COPY ./docs/ssl /data/vp/nginx/ssl + +# 暴漏服务端口 +EXPOSE 80 443 + +# 设置启动命令 +CMD ["nginx","-g","daemon off;"] \ No newline at end of file diff --git a/docker/nginx/README.md b/docker/nginx/README.md new file mode 100644 index 00000000..da5642f5 --- /dev/null +++ b/docker/nginx/README.md @@ -0,0 +1,3 @@ +# 构建步骤 +- 修改配置文件 docs/conf.d/default.conf中的服务器地址 +- 运行Dockerfile文件构建镜像 docker build -t my/nginx:1.25 . \ No newline at end of file diff --git a/docker/nginx/docs/conf.d/default.conf b/docker/nginx/docs/conf.d/default.conf new file mode 100644 index 00000000..64de41a7 --- /dev/null +++ b/docker/nginx/docs/conf.d/default.conf @@ -0,0 +1,40 @@ + # 定义web服务地址 + upstream virtual-patient-web{ + server 192.168.10.138:8799; + } + +server { + listen 80; + listen [::]:80; + server_name localhost; + + + #access_log /var/log/nginx/host.access.log main; + client_max_body_size 20M; # 设置客户端请求的最大上传大小为 20MB,可以根据实际情况修改 + + location / { + root /usr/share/nginx/html/dist; + index index.html index.htm; + } + location /rasa/ { + root /usr/share/nginx/html/; + index rasa.html rasa.htm; + } + + location /virtual-patient/ { + proxy_pass http://virtual-patient-web/virtual-patient/; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html/dist; + } +} + diff --git a/docker/nginx/docs/conf.d/https.conf b/docker/nginx/docs/conf.d/https.conf new file mode 100644 index 00000000..6410e725 --- /dev/null +++ b/docker/nginx/docs/conf.d/https.conf @@ -0,0 +1,49 @@ + # 定义web服务地址 + +server { + listen 443 ssl; + server_name example.com; + + ssl_certificate /data/vp/nginx/ssl/cert.pem; + ssl_certificate_key /data/vp/nginx/ssl/key.pem; + + # 配置SSL参数 + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384; + + # 配置SSL会话缓存 + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 30m; + + # 配置SSL安全性选项 + ssl_stapling on; + ssl_stapling_verify on; + resolver 8.8.8.8 8.8.4.4 valid=300s; + resolver_timeout 5s; + + client_max_body_size 20M; # 设置客户端请求的最大上传大小为 20MB,可以根据实际情况修改 + + location / { + root /usr/share/nginx/html/dist; + index index.html index.htm; + } + + location /rasa/ { + root /usr/share/nginx/html/; + index rasa.html rasa.htm; + } + + location /virtual-patient/ { + proxy_pass http://virtual-patient-web/virtual-patient/; + } + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html/dist; + } + +} \ No newline at end of file diff --git a/docker/nginx/docs/ssl/cert.pem b/docker/nginx/docs/ssl/cert.pem new file mode 100644 index 00000000..17649752 --- /dev/null +++ b/docker/nginx/docs/ssl/cert.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDdzCCAl8CFC5Pwm//gTURwneg5cjhbkyueufNMA0GCSqGSIb3DQEBCwUAMHgx +CzAJBgNVBAYTAkNIMQswCQYDVQQIDAJOSjEOMAwGA1UEBwwFbmogeWgxDDAKBgNV +BAoMA3NzdDEMMAoGA1UECwwDc3N0MQ8wDQYDVQQDDAZzc3RvcmcxHzAdBgkqhkiG +9w0BCQEWEDEyMzQ1NkBlbWFpbC5jb20wHhcNMjMxMTEwMDEyMzIzWhcNMjMxMjEw +MDEyMzIzWjB4MQswCQYDVQQGEwJDSDELMAkGA1UECAwCTkoxDjAMBgNVBAcMBW5q +IHloMQwwCgYDVQQKDANzc3QxDDAKBgNVBAsMA3NzdDEPMA0GA1UEAwwGc3N0b3Jn +MR8wHQYJKoZIhvcNAQkBFhAxMjM0NTZAZW1haWwuY29tMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA0/VotZw72C+GVQnKsVfwtxeXEPPfiUfE0/H6mp8A +jhxHnFofNK5mvjYs3++U9UEfP1jq84flaD5qgrEGzhauJg6NdrLdcd9RCguu8Pkm +YHIMVl9UzLQexKg15wh0Fc8S6vc3xGBPfosS29YJulXcUZB2CeVJ9CXCTx2Z1dRG +Ug9eMTiPwgB8GnQ56h2GjTyCnVWeVoXBFVef6sY0czkPoJVPk7TZI3K5BmaLBNX1 +0L4OzaJtOa6ZWll3rGxVrk/7oB+Z3t3l8NXF9SrmC039K3sZerNLjlVUdkGD52jz +xCc4Eixcus2pduKfIP3dUhdn05TNUln1/nIFRErcXUWdswIDAQABMA0GCSqGSIb3 +DQEBCwUAA4IBAQCLmsogw3J6KOyHnzaWQaKvhRzqPAupIBY4HYTk+hyOahgMMkkd ++3QIiWU/pp0Nu5iyYytzGRCQIz1Jh+xpk3UQVpayDB8C4XIB7oyzpuatTuyeCvq/ +lnDlk8jk64EewLLWE2pOce6yAKZ/xhcQiDI9YcjgGOkUOjv7Hgqhzwlafrt5FXGB +znFmVi5A52RqkkteplkRsl08OE5VmfxwFYJWZ7QXMlp5ec13oCE21PU+cmLLF/Vb +xl7JJKeMOgDICiSczcYzwP56SiYFktKQ8KmDotFWgBM9mtxkEcOqPb2Xe9vzOclk +AK+5bHhgF2yZGhjbNuzp/FwGSAIozuR5IXxJ +-----END CERTIFICATE----- diff --git a/docker/nginx/docs/ssl/csr.pem b/docker/nginx/docs/ssl/csr.pem new file mode 100644 index 00000000..ba2dff76 --- /dev/null +++ b/docker/nginx/docs/ssl/csr.pem @@ -0,0 +1,17 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICvTCCAaUCAQAweDELMAkGA1UEBhMCQ0gxCzAJBgNVBAgMAk5KMQ4wDAYDVQQH +DAVuaiB5aDEMMAoGA1UECgwDc3N0MQwwCgYDVQQLDANzc3QxDzANBgNVBAMMBnNz +dG9yZzEfMB0GCSqGSIb3DQEJARYQMTIzNDU2QGVtYWlsLmNvbTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBANP1aLWcO9gvhlUJyrFX8LcXlxDz34lHxNPx ++pqfAI4cR5xaHzSuZr42LN/vlPVBHz9Y6vOH5Wg+aoKxBs4WriYOjXay3XHfUQoL +rvD5JmByDFZfVMy0HsSoNecIdBXPEur3N8RgT36LEtvWCbpV3FGQdgnlSfQlwk8d +mdXURlIPXjE4j8IAfBp0Oeodho08gp1VnlaFwRVXn+rGNHM5D6CVT5O02SNyuQZm +iwTV9dC+Ds2ibTmumVpZd6xsVa5P+6Afmd7d5fDVxfUq5gtN/St7GXqzS45VVHZB +g+do88QnOBIsXLrNqXbinyD93VIXZ9OUzVJZ9f5yBURK3F1FnbMCAwEAAaAAMA0G +CSqGSIb3DQEBCwUAA4IBAQCFdN/RMNZtduCGs21f5Le4uGePh2nHzqB2tPzPsWYV +LLPO/pInHB0lQ3vJLFtIeaTLIDwB+AFcdM7rNhMGz9rj/Qrk9LCvgm+CQGUOy1h4 +r1tJ27z+8xfwHls/fgghHnSLoaUvma2FfIQzZc/rGTDLkdERBZ1skxOVqIw56qlA +aPyKUt9s/fg6P5xMSv5SDIR89n0i3TChSa8nNdHV1Ld44mLZ7Aw29ChXI5DaQ05t +B6rdNz3AofmxlkzHIlFl46kPMy4H5jgHWlOBT+eLHv/fecPWCNpgnr9vi7O2Ih9o +i8KHDeK1T9Bl5U+sGof6E0Sey/xBOEGnYzuiQUl4kxfL +-----END CERTIFICATE REQUEST----- diff --git a/docker/nginx/docs/ssl/key.pem b/docker/nginx/docs/ssl/key.pem new file mode 100644 index 00000000..adb651de --- /dev/null +++ b/docker/nginx/docs/ssl/key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDT9Wi1nDvYL4ZV +CcqxV/C3F5cQ89+JR8TT8fqanwCOHEecWh80rma+Nizf75T1QR8/WOrzh+VoPmqC +sQbOFq4mDo12st1x31EKC67w+SZgcgxWX1TMtB7EqDXnCHQVzxLq9zfEYE9+ixLb +1gm6VdxRkHYJ5Un0JcJPHZnV1EZSD14xOI/CAHwadDnqHYaNPIKdVZ5WhcEVV5/q +xjRzOQ+glU+TtNkjcrkGZosE1fXQvg7Nom05rplaWXesbFWuT/ugH5ne3eXw1cX1 +KuYLTf0rexl6s0uOVVR2QYPnaPPEJzgSLFy6zal24p8g/d1SF2fTlM1SWfX+cgVE +StxdRZ2zAgMBAAECggEAAPoKh3u20uI1LkMjSfnrxAw5x/w3tXw9LfTZgMjmycDb +m57Wsflzw8CgKFAEUbUBHdudCY5AwmA3QW7rZxu3pbk/caKVXqb2yqMPJVEgmiUs +ZWF/FIpn8eQMi4oAbvFLVwXYnfELrLubVKQB23f10fJmeNkzpApggNjUEqYtxMcH +MjfUmXzrZhvFKdRjdmyITa4gI9djuRvOIfWz0bZTePUtcfgCfpkM3lbxWRIst7Dg +FqCcgX68XOHHDCzzWTE7LasFBZx3mAcOyRMC+MKw96becC4r1c2KFFKh8tFp57y2 +hQ1ybjxeF2MaWf3I/ioi2uTUza+L8m2RsKwABcRwIQKBgQDUrnn/WtKdryDU0rBj +cwsKTrMCycblwYCJj58cGSiETTVJOlhh1N2QtE/kwQI69tUVOc7C5p5FZzk+iff7 +KwvwDqurtW5kKHE5IamUnKqv32bbHuRtg9CB0ktmmbxOrwP5s+QGhh5fKGvFKs3D +xVytLVw76f+BLK4NaBbzCdEN6wKBgQD/IT0F9f9XnTIa1a/bNVLCuRRZdWjDK40i +bD8EgO9T/FxK4yXSV3IB2C6mQNdMxDcmFBTS7EoXPZpZYuFCqBKQvV1OQ0yUAy2b ++PmmZMBakbpQHkIjkq2cgXNXaVdDeKPfoG4SqPz/6x7p/Np/UG9Ey8juNuQXmIiH +wwjwTfqVWQKBgQDNd6ogykuDTvd24/zIdxIJaTKD1Q+0U5asTvY2HRAJkNWT4ywT +h6Rt8eTlaJmRAXmmQezAWjA5eJnTE1NhcZrc1i9/eY4mcPPBcAX2rswvkLI7qsKg +EqJTaSiy/H7xvR8oE2SN8PBSmihTmSCkq3z3SUU8FLpkvxd/mDnjnm469QKBgQCg +rRQ7ftPTH+MAV3erPIfkrp8MQA88a181QKrncTRI1nRhjXCyafQZCUdH2So+5Iw+ +5QLAW6PFwzxD8yweyK74jOoIcgX2aZH92u2PR4CFCaYm8weAU84W9MfpUyRsD7xV +CDqKcfb0TeVoQ6Bv8f5Be34N2HAKFDxYFBK7FMEt8QKBgDNBG3n8/912dDWV1Dve +o4v+TAnlAMHgEXZH+VCCzeIyj1UkUh4sxdIGGaGCPrWGrqxIYIKPKX8gPIWQ7QJj +QJZyL5nqGXWwZUvBuHzE3tB24XJpuHGfg+oBdDfg0aiEMTQKnRORdgHHVdB9W3SN +2TrXQbtwB1X+wioA4615n6ih +-----END PRIVATE KEY----- diff --git a/virtual-patient-rasa/Dockerfile b/virtual-patient-rasa/Dockerfile index 9f8793ff..e1a3707b 100644 --- a/virtual-patient-rasa/Dockerfile +++ b/virtual-patient-rasa/Dockerfile @@ -1,6 +1,6 @@ # 设置基础镜像 # 在137服务器中使用的是 rasa_dev:1.0.0镜像 -FROM rasa_dev:1.0.0 +FROM rasa:1.0.1 ENV APP_HOME=/data/vp @@ -10,7 +10,7 @@ WORKDIR $APP_HOME # 复制java jar 到容器中 COPY target/virtual-patient-rasa-1.0-SNAPSHOT.jar $APP_HOME/virtual-patient-rasa-1.0-SNAPSHOT.jar # 复制rasa配置文件到 rasa目录下 -COPY docs/rasa /rasa +COPY ../docker/rasa-manage/docs/rasa /rasa # 暴漏服务端口 EXPOSE 8890