1、创建目录
root@localhost \~# mkdir demo5
root@localhost \~# cd demo5
2、编写main.go
root@localhost demo5# vim main.go
文件内容如下:
package main
import (
"log"
"net/http"
)
func main() {
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
w.Write(\[\]byte("Hello, HTTPS!\n"))
})
log.Println("Server running on https://localhost:443")
err := http.ListenAndServeTLS(":443", "/etc/ssl/certs/server.crt",
"/etc/ssl/private/server.key", nil)
if err != nil {
log.Fatal("ListenAndServeTLS: ", err)
}
}
3、编写go.mod
root@localhost demo5# vim go.mod
文件内容如下:
module github.com/yourusername/go-https-server
go 1.21
require (
golang.org/x/crypto v0.14.0 // indirect
golang.org/x/net v0.17.0 // indirect
golang.org/x/sys v0.13.0 // indirect
)4、编写go.sum
[root@localhost demo5]# vim go.sum文件内容如下:
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
golang.org/x/crypto v0.14.0/go.mod
h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=5、编写Dockerfile
[root@localhost demo5]# vim Dockerfile文件内容如下::
FROM golang:1.21-alpine AS builder
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
ENV GOPROXY=https://goproxy.cn,direct
RUN apk add --no-cache git make openssl
WORKDIR /app
COPY go.mod go.sum .
RUN go mod download
COPY . .
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-w -s" -o app
RUN openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
-keyout server.key -out server.crt -subj "/CN=localhost" \
-addext "subjectAltName=DNS:localhost,IP:127.0.0.1"
FROM alpine:3.23
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories
RUN apk add --no-cache ca-certificates tzdata
RUN addgroup -S appgroup && adduser -S appuser -G appgroup
COPY --from=builder /app/app /usr/local/bin/app
COPY --from=builder /app/server.crt /etc/ssl/certs/
COPY --from=builder /app/server.key /etc/ssl/private/
RUN chown appuser:appgroup /usr/local/bin/app && \
chmod 755 /usr/local/bin/app && \
chmod 644 /etc/ssl/certs/server.crt && \
chmod 644 /etc/ssl/private/server.key
WORKDIR /home/appuser
USER appuser
EXPOSE 443
HEALTHCHECK --interval=30s --timeout=3s \
CMD wget --no-check-certificate -qO- https://localhost/healthz || exit 1
ENTRYPOINT ["app", "--cert", "/etc/ssl/certs/server.crt", "--key", "/etc/ssl/private/server.key"]6、编写.dockerignore
[root@localhost demo5]# vim .dockerignore文件内容如下:
Dockerfile7、目录结构
[root@localhost demo5]# ls -a
. .. Dockerfile .dockerignore go.mod go.sum main.go8、构建镜像
[root@localhost demo5]# docker build -t https-server:1.0 .9、查看镜像
[root@localhost demo5]# docker images 10、运行容器
[root@localhost demo5]# docker run --rm --name hs -d -p 443:443 https-server:1.0
[root@localhost demo5]# docker ps11、访问测试
[root@localhost demo5]# curl -k https://localhost
Hello, HTTPS!