commit e6ee02e2f317dfbb37d1d971ee4475fdd8ee0b5f
Author: liuyx <liuyx@happeny.to>
Date:   Sun Feb 4 20:39:43 2024 +0800

    feat: init

diff --git a/.env b/.env
new file mode 100755
index 0000000..78d38e9
--- /dev/null
+++ b/.env
@@ -0,0 +1,5 @@
+COMPOSE_PROJECT_NAME=gateway
+TZ=Asia/Shanghai
+TERM=xterm-256color
+
+DIR=.
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..2d8b701
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+/ngx/etc/.*
+/ngx/log
\ No newline at end of file
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100755
index 0000000..0842c46
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,26 @@
+version: '3'
+
+networks:
+  local:
+    name: local
+    external: true
+
+services:
+  ngx:
+    container_name: ngx
+    image: nginx:latest
+    restart: always
+    ports:
+      - 80:80
+      - 443:443
+    networks:
+      - local
+    volumes:
+      - ${DIR}/ngx/etc/nginx.conf:/etc/nginx/nginx.conf
+      - ${DIR}/ngx/etc/conf.d:/etc/nginx/conf.d # 外层有公共参数定义
+      - ${DIR}/ngx/log:/var/log/nginx
+      - /etc/localtime:/etc/localtime:ro
+    environment:
+      TZ:
+      TERM:
+    
\ No newline at end of file
diff --git a/ngx/etc/conf.d/includ.conf b/ngx/etc/conf.d/includ.conf
new file mode 100755
index 0000000..59078cb
--- /dev/null
+++ b/ngx/etc/conf.d/includ.conf
@@ -0,0 +1 @@
+include ./conf.d/*/*.conf;
\ No newline at end of file
diff --git a/ngx/etc/conf.d/model/site.cnf b/ngx/etc/conf.d/model/site.cnf
new file mode 100755
index 0000000..11d4180
--- /dev/null
+++ b/ngx/etc/conf.d/model/site.cnf
@@ -0,0 +1,38 @@
+upstream {stream_name} {
+    server localhost:{port} weight=1;
+}
+
+# ===================配置===================
+# 带加密的 web
+server {
+    listen 80;
+    listen 443 ssl http2;
+
+    charset utf-8;
+    
+    server_name {server_name};
+
+    # 日志
+    access_log  ./conf.d/{name}/access.log;
+    error_log   ./conf.d/{name}/error.log;
+
+    #
+    location / {
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_redirect off;
+        proxy_pass http://{stream_name};
+    }
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+        root  conf/path/to/site;
+    }
+
+    # 自动重定向 80 到 443 开启 SSL
+    # if ( $scheme = http ){
+    #     return 301 https://$server_name$request_uri;
+    # } 
+}
\ No newline at end of file
diff --git a/ngx/etc/conf.d/model/web.cnf b/ngx/etc/conf.d/model/web.cnf
new file mode 100755
index 0000000..359949a
--- /dev/null
+++ b/ngx/etc/conf.d/model/web.cnf
@@ -0,0 +1,19 @@
+server {
+    listen 80;
+    listen 443 ssl http2;
+
+    # 自动重定向 80 到 443 开启 SSL
+        # if ( $scheme = http ){
+    #     return 301 https://$server_name$request_uri;
+    # }  
+
+    access_log  ./conf.d/{server}/access.log;
+    error_log   ./conf.d/{server}/error.log;
+    charset utf-8;
+
+    server_name {server_name};
+
+
+    # web 根目录
+    root /path/to/web;
+}
\ No newline at end of file
diff --git a/ngx/etc/nginx.conf b/ngx/etc/nginx.conf
new file mode 100755
index 0000000..d8acb4f
--- /dev/null
+++ b/ngx/etc/nginx.conf
@@ -0,0 +1,47 @@
+user nginx;
+worker_processes auto; 
+
+error_log /var/log/nginx/error.log notice;
+pid /var/run/nginx.pid;
+
+
+events {
+    worker_connections 1024;
+}
+
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+    '$status $body_bytes_sent "$http_referer" '
+    '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log /var/log/nginx/access.log main;
+
+    sendfile on;
+    #tcp_nopush     on;
+
+    keepalive_timeout 65;
+
+    ########## 以下为自定义配置 ##########
+
+    #自定义变量 $connection_upgrade
+    map $http_upgrade $connection_upgrade {
+        default keep-alive;     # 默认为 keep-alive 一般 http 请求
+        'websocket' upgrade;    # 如果为 websocket 则 upgrade 升级
+    }
+
+    #gzip  on;
+    # 关闭 ip 地址访问
+    server {
+        listen 80 default_server;
+        # listen 443 ssl http2;
+        server_name _;
+
+        return 403;
+    }
+
+    include /etc/nginx/conf.d/*.conf;
+}
diff --git a/readme.md b/readme.md
new file mode 100644
index 0000000..283c684
--- /dev/null
+++ b/readme.md
@@ -0,0 +1,35 @@
+# 使用 docker Gateway
+
+## docker 网络配置
+
+> 一个 docker 网段的创建关联一组 veth 配置，多个需要互相访问的服务尽量在同一网段下使用 docker network 通信，可以解决大多数由网络造成的访问问题。
+
+1. 创建本地网段
+
+```shell
+docker network create --ipv6 --subnet=2001:db8:abcd::/64 --gateway=2001:db8:abcd::1 --attachable local
+```
+
+2. 容器加入本地网段
+```yaml
+# docker-compose.yaml
+networks:
+  local:
+    name: local
+    external: true
+
+services:
+  ngx:
+    container_name: ngx
+    image: nginx:latest
+    restart: always
+    ports:
+      - 80:80
+      - 443:443
+    networks:
+      - local
+
+# cmd
+docker run --networks=local nginx:latest
+```
+