Installer Rancher 1.6 avec let's encrypt sur Ubuntu
# apt update -y
# apt upgrade -y
# apt install mc -y
# adduser user
# usermod -aG sudo user
# reboot
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo apt-key fingerprint 0EBFCD88
pub 4096R/0EBFCD88 2017-02-22
Отпечаток ключа = 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
uid Docker Release (CE deb) <docker@docker.com>
sub 4096R/F273FCD8 2017-02-22
$ sudo add-apt-repository "deb https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
$ sudo apt-get install docker-ce
$ sudo usermod -aG docker $(whoami)
$ sudo reboot
$ docker run -d --restart=always -p 8080:8080 rancher/server
http://ip:8080
$ cd ~
$ wget https://dl.eff.org/certbot-auto
$ chmod a+x certbot-auto
$ ./certbot-auto certonly
$ sudo apt-get install nginx
$ sudo nano /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
upstream target {
server localhost:8080;
}
server {
listen 443 ssl;
server_name www.zaz60.com;
ssl_certificate /etc/letsencrypt/live/www.zaz60.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.zaz60.com/privkey.pem;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://target;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
# This allows the ability for the execute shell window to remain open for up to 15 minutes. Without this parameter, the default is 1 minute and will automatically close.
proxy_read_timeout 900s;
}
}
server {
listen 80;
server_name www.zaz60.com;
return 301 https://$server_name$request_uri;
}
}
Сохранить.
$ sudo nginx -t
$ sudo service nginx restart
# apt update -y
# apt upgrade -y
# apt install mc -y
# adduser user
# usermod -aG sudo user
# reboot
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo apt-key fingerprint 0EBFCD88
pub 4096R/0EBFCD88 2017-02-22
Отпечаток ключа = 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
uid Docker Release (CE deb) <docker@docker.com>
sub 4096R/F273FCD8 2017-02-22
$ sudo add-apt-repository "deb https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
$ sudo apt-get install docker-ce
$ sudo usermod -aG docker $(whoami)
$ sudo reboot
$ docker run -d --restart=always -p 8080:8080 rancher/server
http://ip:8080
$ cd ~
$ wget https://dl.eff.org/certbot-auto
$ chmod a+x certbot-auto
$ ./certbot-auto certonly
$ sudo apt-get install nginx
$ sudo nano /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
upstream target {
server localhost:8080;
}
server {
listen 443 ssl;
server_name www.zaz60.com;
ssl_certificate /etc/letsencrypt/live/www.zaz60.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.zaz60.com/privkey.pem;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://target;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
# This allows the ability for the execute shell window to remain open for up to 15 minutes. Without this parameter, the default is 1 minute and will automatically close.
proxy_read_timeout 900s;
}
}
server {
listen 80;
server_name www.zaz60.com;
return 301 https://$server_name$request_uri;
}
}
Сохранить.
$ sudo nginx -t
$ sudo service nginx restart
Комментариев нет:
Отправить комментарий