产品原型Web展示

最新推荐文章于 2024-02-19 10:18:36 发布

原创最新推荐文章于 2024-02-19 10:18:36 发布 · 896 阅读

1 ·

CC 4.0 BY-SA版权

文章标签：

#devops

axure 专栏收录该内容

1 篇文章

订阅专栏

本文详细介绍如何在阿里云ECS服务器上使用docker-compose部署HTTPD服务，通过Nginx进行SSL加密验证，以实现安全访问产品原型图。涉及产品原型路径配置、HTTPD服务容器化、Nginx加密验证脚本及配置。

前言

当产品原型设计出来后，会放置在linux服务器上的路径下，为了让相关的研发人员查看到需求，进行相应的作业，需要搭建访问其原型路径的httpd服务

搭建httpd流程

前提

产品原型放置在阿里云ecs服务器上

产品原型文档路径

[root@nature docs]# pwd
/mnt/web/www/prod/htdocs/docs
[root@nature docs]# ls 
xxx xxx xxx

docker-compose部署httpd服务，并通过nginx加密验证后，方能访问产品原型图

1.部署httpd服务

[root@nature docs]# mkdir /data/htppd
cat > /data/httpd/docker-compose.yml <<-EOF
version: "3.5"
services:
  httpd:
    image: docker.io/httpd:latest
    container_name: www
    hostname: www
    ports:
      - 8081:80
    environment:
      - SET_CONTAINER_TIMEZONE=true
      - CONTAINER_TIMEZONE=Asia/Shanghai
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /mnt/web/www/prod/htdocs:/usr/local/apache2/htdocs:Z
      - /mnt/web/www/prod/conf:/usr/local/apache2/conf:Z
      - /mnt/web/www/prod/logs:/usr/local/apache2/logs:Z
    restart: always
    tty: true
EOF

2.nginx的加密验证
注: 关于ssl证书，请自行获取，这里不再赘述

[root@nature docs]# cat > /etc/nginx/passwd.sh <<-EOF
#!/usr/bin/env bash

userlist=(xxx ...)

passwdlist=(xxx ...) 

numlist=(0 ...) 

cd /etc/nginx/
touch passwd.db

for i in ${numlist[*]};
do
    htpasswd -b passwd.db ${userlist[i]} ${passwdlist[i]}
done
EOF
[root@nature docs]# mkdir /var/log/nginx/prod
[root@nature docs]# chown nginx:nginx /var/log/nginx/prod
[root@nature docs]# cat > /etc/nginx/conf.d/prod.conf <<-EOF
upstream prod{
  server 127.0.0.1:8081;
}

server { 
  listen 80; 
  server_name xxx.xxx.xxx;     
  rewrite ^/(.*)$ https://xxx.xxx.xxx/$1 permanent;
} 

server {
  listen 443;
  server_name xxx.xxx.xxx;

  ssl on;
  ssl_certificate   cert_auth/xxx.xxx.xxx.pem;
  ssl_certificate_key  cert_auth/xxx.xxx.xxx.key;
  ssl_session_timeout 5m;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;

  access_log  /var/log/nginx/prod/access.log;
  error_log   /var/log/nginx/prod/error.log;
     
  auth_basic "User Authentication";
  auth_basic_user_file /etc/nginx/passwd.db; 

  location / {
    proxy_pass http://prod;
    proxy_redirect off;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $http_host;
  }

  error_page 404 /404.html;
    location = /40x.html {
  }

  error_page 500 502 503 504 /50x.html;
    location = /50x.html {
  }
}
EOF
[root@nature docs]# systemctl restart nginx