Mirror usage
Self-owned certificate usage
Docker run-d--name=google \
-P 80:80-p 443:443 \
Directory for SSL certificates on-V systems:/USR/LOCAL/NGINX/CONF/SSL \
-E proxy_google=on \
-E proxy_ssl_crt_key=on \
-e proxy_crt= your CRT name \
-e proxy_key= your KEY name \
-e proxy_domain= your domain name \
Benyoo/nginx_build:proxy_google
System from the Visa book usage
Docker run-d--name=google \
-P 80:80-p 443:443 \
-E proxy_google=on \
-e proxy_domain= your domain name \
Benyoo/nginx_build:proxy_google
Docker build a nginx image to quickly build Google's anti-generation site
From centos:6.7
Maintainer from Www.111cn.net by Lookback (mondeolove@gmail.com)
RUN Yum Clean all &&
RPM--import/etc/pki/rpm-gpg/rpm-gpg-key-centos-* && \
Yum install-y epel-release &&
RPM--import/etc/pki/rpm-gpg/rpm-gpg-key-epel-6 && \
Yum Makecache && \
Yum install-y pcre-devel openssl-devel zlib-devel gd-devel tar gcc wget git
RUN groupadd--system www && \
Useradd--system--gid www www && \
mkdir-p {/var/log/wwwlogs,/var/run/nginx,/var/lock}
RUN wget-c http://nginx.org/download/nginx-1.9.5.tar.gz && \
git clone https://github.com/cuber/ngx_http_google_filter_module.git && \
git clone https://github.com/yaoweibin/ngx_http_substitutions_filter_module.git && \
git clone https://github.com/aperezdc/ngx-fancyindex.git
RUN tar xf nginx-1.9.5.tar.gz && \
CD nginx-1.9.5 && \
./configure--prefix=/usr/local/nginx \
--user=www--group=www \
--error-log-path=/var/log/wwwlogs/error.log \
--http-log-path=/var/log/wwwlogs/access.log \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--with-pcre \
--with-ipv6 \
--with-http_ssl_module \
--with-http_flv_module \
--with-http_v2_module \
--with-http_realip_module \
--with-http_gzip_static_module \
--with-http_stub_status_module \
--with-http_mp4_module \
--with-http_image_filter_module \
--with-http_addition_module \
--http-client-body-temp-path=/usr/local/nginx/client/\
--http-proxy-temp-path=/usr/local/nginx/proxy/\
--http-fastcgi-temp-path=/usr/local/nginx/fcgi/\
--HTTP-UWSGI-TEMP-PATH=/USR/LOCAL/NGINX/UWSGI \
--HTTP-SCGI-TEMP-PATH=/USR/LOCAL/NGINX/SCGI \
--add-module=.. /ngx_http_google_filter_module \
--add-module=.. /ngx_http_substitutions_filter_module \
--add-module=.. /ngx-fancyindex && \
Make-j $ (awk '/processor/{i++}end{print i} '/proc/cpuinfo) && make install && \
Rm-rf.. /{ngx_http*,ngx-fancyindex,nginx-1.9.5*}
ADD nginx.conf/usr/local/nginx/conf/nginx.conf
ADD run.sh/run.sh
RUN chmod +x/run.sh
VOLUME ["/home/wwwroot", "/usr/local/nginx/conf/ssl", "/usr/local/nginx/conf/vhost"]
Expose 80 443
entrypoint ["/run.sh"]
CMD ["Nginx"]
#!/bin/sh
#########################################################################
# File Name:run.sh
# Author:lookback
# email:admin#111cn.net
# Version:
# Created time:2015 Year November 17 Tuesday 10:29 55 seconds
#########################################################################
Path=/bin:/usr/local/nginx/sbin: $PATH
Nginx_install_dir=/usr/local/nginx
Set-e
If [-N "$TIMEZONE"]; Then
Rm-rf/etc/localtime && \
Ln-s/usr/share/zoneinfo/$TIMEZONE/etc/localtime
Fi
if ["${1:0:1}" = '-']; Then
Set--Nginx "$@"
Fi
If [-Z "$DATA _dir"]; Then
Data_dir=/home/wwwroot
Fi
Sed-i "s@/home/wwwroot@ $DATA _dir@" $Nginx _install_dir/conf/nginx.conf
Mkdir-p ${data_dir}
[!-F "$DATA _dir/index.html"] && Echo ' <meta http-equiv= "Content-type" content= "text/html; Charset=utf-8 "/>
<span style= "line-height:1.5;" ><span style= "color: #337FE5;" >hello world! This nginx!</span>
</span><span style= "Line-height:1.5;color: #E53333;" >welcome to use docker!</span>
<span style= "Line-height:1.5;color: #E53333;" > ^_^ ┢┦aρpy </span>
' > $DATA _dir/index.html
Chown-r www.www $DATA _dir
cpu_num=$ (awk '/processor/{i++}end{print i} '/proc/cpuinfo)
If ["$CPU _num" = ' 2 '];then
Sed-i ' s@^worker_processes.* @worker_processes 2;\nworker_cpu_affinity 01;@ ' $Nginx _install_dir/conf/nginx.conf
elif ["$CPU _num" = ' 3 '];then
Sed-i ' s@^worker_processes.* @worker_processes 3;\nworker_cpu_affinity 010 001;@ ' $Nginx _install_dir/conf/ Nginx.conf
elif ["$CPU _num" = ' 4 '];then
Sed-i ' s@^worker_processes.* @worker_processes 4;\nworker_cpu_affinity 1000 0100 0010 0001;@ ' $Nginx _install_dir/conf/ Nginx.conf
elif ["$CPU _num" = ' 6 '];then
Sed-i ' s@^worker_processes.* @worker_processes 6;\nworker_cpu_affinity 100000 010000 001000 000100 000010 000001;@ ' $ Nginx_install_dir/conf/nginx.conf
elif ["$CPU _num" = ' 8 '];then
Sed-i ' s@^worker_processes.* @worker_processes 8;\nworker_cpu_affinity 10000000 01000000 00100000 00010000 00001000 00000100 00000010 00000001;@ ' $Nginx _install_dir/conf/nginx.conf
Else
Echo Google worker_cpu_affinity
Fi
if [[-N ' $PROXY _google]]]; Then
[f "${nginx_install_dir}/conf/ssl"] | | Mkdir-p $Nginx _install_dir/conf/ssl
[f "${nginx_install_dir}/conf/vhost"] | | Mkdir-p $Nginx _install_dir/conf/vhost
If [-Z "$PROXY _domain"]; Then
echo >&2 ' error:missing proxy_domain '
echo >&2 ' Did you forget to Add-e proxy_domain= ...? '
Exit 1
Fi
If [-N "$PROXY _ssl_crt_key"]; then
if [-Z "$PROXY _crt"]; Then
echo >&2 ' error: missing proxy_crt '
Echo >&2 ' Did you forget to Add-e proxy_crt= ...? '
Exit 1
fi
If [-Z "$PROXY _key" ]; Then
echo >&2 ' error: missing Proxy_key '
Echo >&2 ' Did you forget to Add-e proxy_key= ...? '
Exit 1
fi
If [f "${nginx_install_dir}/conf/ssl/${proxy_crt}"]; Then
echo >&2 ' error:missing proxy_crt '
echo >&2 "You need to put ${PROXY_CRT} in SSL directory"
Exit 1
Fi
If [f "${nginx_install_dir}/conf/ssl/${proxy_key}"]; Then
echo >&2 ' error:missing PROXY_CSR '
echo >&2 "You need to put ${proxy_key} in SSL directory"
Exit 1
Fi
Else
OpenSSL Req-new-newkey rsa:2048-nodes \
-out $Nginx _install_dir/conf/ssl/$PROXY _DOMAIN.CSR \
-keyout $Nginx _install_dir/conf/ssl/$PROXY _domain.key \
-SUBJ "/c=cn/st=shanghai/l=pudong/o=legion/ou=devops/cn= $PROXY _domain/emailaddress=admin@111cn.net"
OpenSSL x509-req-days 365-in $Nginx _install_dir/conf/ssl/$PROXY _DOMAIN.CSR \
-signkey $Nginx _install_dir/conf/ssl/$PROXY _domain.key \
-out $Nginx _install_dir/conf/ssl/$PROXY _domain.crt
RM-RF $Nginx _install_dir/conf/ssl/$PROXY _DOMAIN.CSR
Proxy_key=${proxy_domain}.key
Proxy_crt=${proxy_domain}.crt
Fi
#sed-i ' 57,87d ' $Nginx _install_dir/conf/nginx.conf
Cat > ${nginx_install_dir}/conf/vhost/google.conf << EOF
server {
Listen 80;
server_name $PROXY _domain;
Return https://$PROXY _domain\ $request _uri;
}
server {
Listen 443 SSL;
server_name $PROXY _domain;
SSL on;
ssl_certificate SSL/${PROXY_CRT};
Ssl_certificate_key Ssl/${proxy_key};
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers all:!anull:! adh:!enull:! low:! Exp:rc4+rsa:+high:+medium;
keepalive_timeout 70;
Ssl_session_cache shared:ssl:10m;
ssl_session_timeout 10m;
Resolver 8.8.8.8;
Location/{
Google on;
Google_scholar on;
Google_language ZH-CN;
Google_robots_allow on;
}
}
Eof
#mv ${nginx_install_dir}/vhost/{google.conf.stop,google.conf}
Fi
Exec "$@"-g "daemon off;"
User www www.
Worker_processes Auto;
Error_log/var/log/wwwlogs/error_nginx.log Crit;
Pid/var/run/nginx.pid;
Worker_rlimit_nofile 51200;
Events {
Use Epoll;
Worker_connections 51200;
}
HTTP {
Include Mime.types;
Default_type Application/octet-stream;
Server_names_hash_bucket_size 128;
Client_header_buffer_size 32k;
Large_client_header_buffers 4 32k;
Client_max_body_size 50m;
Sendfile on;
Tcp_nopush on;
Keepalive_timeout 120;
Server_tokens off;
Tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
#Gzip Compression
Gzip on;
gzip_buffers 8k;
& nbsp; Gzip_comp_level 6;
Gzip_http_version 1.1;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
text/xml application/xml application/atom+xml application/ Rss+xml application/xhtml+xml image/svg+xml
text/javascript application/javascript Application/x-javascript
Text/x-json Application/json Application/x-web-app-manifest+json
text/css text/plain text/x-component
font/opentype application/ X-font-ttf application/vnd.ms-fontobject
image/x-icon;
gzip_disable "Msie6";
#If have a lot of static files to serve through Nginx then caching of the files ' metadata (not the actual files ' Conte NTS) can save some latency.
Open_file_cache max=1000 inactive=20s;
Open_file_cache_valid 30s;
Open_file_cache_min_uses 2;
Open_file_cache_errors on;
server {
Listen 80;
server_name-;
Root/home/wwwroot;
Index index.html index.php index.jsp;
Access_log/var/log/wwwlogs/access_nginx.log combined;
Location/status {
Stub_status on;
Auth_basic "WebServer Status";
}
# location ~ *\. (PHP|PHP5)? $ {
# #fastcgi_pass remote_php_ip:9000;
# Fastcgi_pass Unix:/dev/shm/php-cgi.sock;
# Fastcgi_index index.php;
# include fastcgi.conf;
# }
Location ~. *\. (Gif|jpg|jpeg|png|bmp|swf|flv|ico) $ {
Expires 30d;
}
Location ~. *\. (JS|CSS)? $ {
Expires 7d;
}
}
######################### #vhost #####################################
Include vhost/*.conf;
}