devops
research
reliable
Hello, btb today –> i have mission with nginx-webserver if you want to understand nginx –> go for my @xeusnguyen - NGINX and Apache on vietnamese - If you want to english version so don't wrr i will back to another version of that. Enjoy the lab –>
Using the multi-stage for solving that problem –> identify what need to target and build it
Learn More →
Update: after time for implement –> ajust docker file into 2 file individual –> easy to using with each others
Docker/Dockerfile.web:
FROM node:14
WORKDIR /app
# RUN apk add --update curl git zip
COPY ./src/ /app
RUN npm install
CMD ["npm", "start"]
Docker/Dockerfile.nginx:
FROM nginx:1.23.3
COPY ./conf /
ARG domain_key
ENV domain_key=${domain_key}
ARG domain_crt
ENV domain_crt=${domain_crt}
RUN mv *.key /etc/nginx/
RUN mv *.crt /etc/nginx/
RUN mv nginx.conf default.conf.template
RUN envsubst < default.conf.template > /etc/nginx/conf.d/default.conf
After building complete dockerfile we need to compose it into one for building project with docker-compose
docker-compose.yaml
version: "3"
networks:
my_network1:
my_network2:
my_network3:
my_network4:
services:
nginx_alb:
image: nginx_alb:latest
container_name: web-server
ports:
- 80:80
- 443:443
networks:
- my_network1
- my_network2
- my_network3
- my_network4
restart: always
app1:
image: webpage8001:latest
container_name: app1
expose:
- 8001
networks:
- my_network1
environment:
- MESSAGE="App 1 !"
- PORT=8001
app2:
image: webpage8002:latest
container_name: app2
expose:
- 8002
networks:
- my_network2
environment:
- MESSAGE="App 2 !"
- PORT=8002
app3:
image: webpage8003:latest
container_name: app3
expose:
- 8003
networks:
- my_network3
environment:
- MESSAGE="App 3 !"
- PORT=8003
app4:
image: webpage8004:latest
container_name: app4
expose:
- 8004
networks:
- my_network4
environment:
- MESSAGE="App 4 !"
- PORT=8004
nginx.conf
upstream alb
{
server app1:8001;
server app2:8002;
}
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server{
listen 443 ssl;
ssl on;
server_name _;
ssl_certificate ${domain_crt};
ssl_certificate_key ${domain_key};
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
return 404;
}
location /original {
proxy_pass http://alb;
}
location /v1 {
return 307 /original;
}
location /v2 {
return 307 /original;
}
location /v3 {
proxy_pass http://app3:8003;
}
location /v4 {
proxy_pass http://app4:8004;
}
}
And last one, we need onething to run all with bash script
run_setup.sh
#!/bin/bash
export docker_err=100
export syspath_err=101
# Get the absolution of path
abs_path_file_execute=$(realpath "$0")
abs_path_folder_script=$(dirname "$abs_path_file_execute")
abs_path_folder_root=$(dirname "$(dirname "$abs_path_file_execute")")
abs_path_folder_docker="$abs_path_folder_root""/docker/"
abs_path_folder_src="$abs_path_folder_root""/src/"
abs_path_folder_conf="$abs_path_folder_docker/conf"
source "$abs_path_folder_script/try_catch.sh"
# Generate the ssl certificate
# Write a Powershell script and a Bash script that generate a self-signed SSL certificate
DOMAIN="$1"
if [ -z "$DOMAIN" ]; then
echo "Usage: $(basename $0) <domain>"
exit 11
fi
fail_if_error() {
[ $1 != 0 ] && {
unset PASSPHRASE
exit 10
}
}
# Generate a passphrase
export PASSPHRASE=$(head -c 500 /dev/urandom | tr -dc a-z0-9A-Z | head -c 128; echo)
# Certificate details; replace items in angle brackets with your own info
subj="
C=VN
ST=blah
O=Blah
localityName=vietnam
commonName=$DOMAIN
organizationalUnitName=Blah
emailAddress=admin@example.com
"
# Generate the server private key
openssl genrsa -des3 -out "$abs_path_folder_conf/$DOMAIN.key" -passout env:PASSPHRASE 2048
fail_if_error $?
# Generate the CSR
openssl req \
-new \
-batch \
-subj "$(echo -n "$subj" | tr "\n" "/")" \
-key "$abs_path_folder_conf/$DOMAIN.key" \
-out "$abs_path_folder_conf/$DOMAIN.csr" \
-passin env:PASSPHRASE
fail_if_error $?
cp "$abs_path_folder_conf/$DOMAIN.key" "$abs_path_folder_conf/$DOMAIN.key.org"
fail_if_error $?
# Strip the password so we don't have to type it every time we restart Apache
openssl rsa -in "$abs_path_folder_conf/$DOMAIN.key.org" -out "$abs_path_folder_conf/$DOMAIN.key" -passin env:PASSPHRASE
fail_if_error $?
# Generate the cert (good for 10 years)
openssl x509 -req -days 3650 -in "$abs_path_folder_conf/$DOMAIN.csr" -signkey "$abs_path_folder_conf/$DOMAIN.key" -out "$abs_path_folder_conf/$DOMAIN.crt"
fail_if_error $?
# Remove docker ps & image
docker stop "$(docker ps -a)" || true
docker rm -f "$(docker ps -aq)" || true
docker rmi nginx_alb:latest || true
docker rmi "$(docker image list | grep webpage)" || true
# Remove the network
docker network rm "$(docker network list | grep my_network)" || true
# Move on the src folder and after that execute the docker script
# Solution 1: Using the mv but not working if don't move absolute path
# mv $(ls $abs_path_folder_script --ignore=run_setup.sh --ignore=try_catch.sh) "$abs_path_folder_docker/conf/" || throw $syspath_err
# Solution 2: Move with name of Domain --> it work good
# mv "$abs_path_folder_script/$DOMAIN.crt" "$abs_path_folder_docker/conf" || throw $syspath_err
# mv "$abs_path_folder_script/$DOMAIN.key" "$abs_path_folder_docker/conf" || throw $syspath_err
# mv "$abs_path_folder_script/$DOMAIN.csr" "$abs_path_folder_docker/conf" || throw $syspath_err
# mv "$abs_path_folder_script/$DOMAIN.key.org" "$abs_path_folder_docker/conf" || throw $syspath_err
# Solution 3: Create into conf and do not erase smt
# cp -r "$PWD"/../src/ "$PWD"/../docker/
cp -r "$abs_path_folder_src" "$abs_path_folder_docker" || throw $syspath_err
# cd "$PWD"/../docker/ || exit
cd "$abs_path_folder_docker" || throw $syspath_err
# Pull and create each website with specified name
docker build -t webpage8001:latest -f Dockerfile.web . || throw $docker_err
docker build -t webpage8002:latest -f Dockerfile.web . || throw $docker_err
docker build -t webpage8003:latest -f Dockerfile.web . || throw $docker_err
docker build -t webpage8004:latest -f Dockerfile.web . || throw $docker_err
rm -rf src/ || throw $syspath_err
docker build -t nginx_alb:latest --build-arg domain_key=$DOMAIN.key --build-arg domain_crt=$DOMAIN.crt -f Dockerfile.nginx . || throw $docker_err
cd "$abs_path_folder_docker/conf/" || throw $syspath_err
rm $(ls --ignore=nginx.conf) || throwErrors $syspath_err
cd "$abs_path_folder_root" || throw $syspath_err
docker-compose up -d || true
try_catch.sh
#!/bin/bash
function try()
{
[[ $- = *e* ]]; SAVED_OPT_E=$?
set +e
}
function throw()
{
exit $1
}
function catch()
{
export ex_code=$?
(( $SAVED_OPT_E )) && set +e
return $ex_code
}
function throwErrors()
{
set -e
}
function ignoreErrors()
{
set +e
}
Oh i missing the web part just use the source code from previous session –> but need to config env to see what dif between the webpage
index.js
const http = require('http');
const port = process.env.PORT || 3000;
const message = process.env.MESSAGE;
const server = http.createServer((req, res) => {
res.statusCode = 200;
const msg = message
res.end(msg);
});
server.listen(port, () => {
console.log(`Server running on http://localhost:${port}/`);
})
package.json
{
"name": "node-hello",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"start": "node index.js"
},
"repository": {
"type": "git",
"url": "git+https://github.com/johnpapa/node-hello.git"
},
"keywords": [],
"author": "",
"license": "ISC",
"bugs": {
"url": "https://github.com/johnpapa/node-hello/issues"
},
"homepage": "https://github.com/johnpapa/node-hello#readme"
}
Result
Multi-stage builds
Copy but ignore some file
Config ssl
Nginx configure example
Nginx –> config with digital ocean
Config env for nginx
In some scenarios, web applications are written to request access to files on a given system, including images, static text, and so on via parameters. Parameters are query parameter strings attached to the URL that could be used to retrieve data or perform actions based on user input. The following graph explains and breaking down the essential parts of the URL.
Mar 2, 2025Đây là công đoạn yêu cầu nhiều tài nguyên và cách tiếp cận khác nhau để khai thác trong suốt quá trình phát triển của sản phẩm phần mềm (SDLC)(Hình ảnh của Topdev)
Dec 21, 2024helm-chart-grafana-values
Dec 21, 2024First solve
May 5, 2024or
By clicking below, you agree to our terms of service.
New to HackMD? Sign up