воскресенье, 30 декабря 2018 г.

Установка Rancher 1.6

Installer Rancher 1.6 avec let's encrypt sur Ubuntu
# apt update -y
# apt upgrade -y
# apt install mc -y
# adduser user
# usermod -aG sudo user
# reboot
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo apt-key fingerprint 0EBFCD88
pub   4096R/0EBFCD88 2017-02-22
      Отпечаток ключа = 9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88
uid                  Docker Release (CE deb) <docker@docker.com>
sub   4096R/F273FCD8 2017-02-22

$ sudo add-apt-repository "deb https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

$ sudo apt-get update
$ sudo apt-get install docker-ce
$ sudo usermod -aG docker $(whoami)
$ sudo reboot

 
$ docker run -d --restart=always -p 8080:8080 rancher/server
http://ip:8080

$ cd ~
$ wget https://dl.eff.org/certbot-auto
$ chmod a+x certbot-auto
$ ./certbot-auto certonly
$ sudo apt-get install nginx
$ sudo nano /etc/nginx/nginx.conf

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
    worker_connections  1024;
}

http {
  upstream target {
      server localhost:8080;
  }

  server {
      listen 443 ssl;
      server_name www.zaz60.com;
      ssl_certificate /etc/letsencrypt/live/www.zaz60.com/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/www.zaz60.com/privkey.pem;

      location / {
          proxy_set_header Host $host;
          proxy_set_header X-Forwarded-Proto $scheme;
          proxy_set_header X-Forwarded-Port $server_port;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_pass http://target;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "Upgrade";
          # This allows the ability for the execute shell window to remain open for up to 15 minutes. Without this parameter, the default is 1 minute and will automatically close.
          proxy_read_timeout 900s;
      }
  }

  server {
      listen 80;
      server_name www.zaz60.com;
      return 301 https://$server_name$request_uri;
  }
}

Сохранить.

$ sudo nginx -t
$ sudo service nginx restart

Комментариев нет:

Отправить комментарий