1、创建目录
root@localhost \~\]# mkdir demo5 \[root@localhost \~\]# cd demo5 2、编写main.go \[root@localhost demo5\]# vim main.go 文件内容如下: package main import ( "log" "net/http" ) func main() { http.HandleFunc("/", func(w http.ResponseWriter, r \*http.Request) { w.Write(\[\]byte("Hello, HTTPS!\\n")) }) log.Println("Server running on https://localhost:443") err := http.ListenAndServeTLS(":443", "/etc/ssl/certs/server.crt", "/etc/ssl/private/server.key", nil) if err != nil { log.Fatal("ListenAndServeTLS: ", err) } } 3、编写go.mod \[root@localhost demo5\]# vim go.mod 文件内容如下: ``` module github.com/yourusername/go-https-server go 1.21 require ( golang.org/x/crypto v0.14.0 // indirect golang.org/x/net v0.17.0 // indirect golang.org/x/sys v0.13.0 // indirect ) ``` 4、编写go.sum ``` [root@localhost demo5]# vim go.sum ``` 文件内容如下: ``` golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= ``` 5、编写Dockerfile ``` [root@localhost demo5]# vim Dockerfile ``` 文件内容如下:: ``` FROM golang:1.21-alpine AS builder RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories ENV GOPROXY=https://goproxy.cn,direct RUN apk add --no-cache git make openssl WORKDIR /app COPY go.mod go.sum . RUN go mod download COPY . . RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-w -s" -o app RUN openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \ -keyout server.key -out server.crt -subj "/CN=localhost" \ -addext "subjectAltName=DNS:localhost,IP:127.0.0.1" FROM alpine:3.23 RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories RUN apk add --no-cache ca-certificates tzdata RUN addgroup -S appgroup && adduser -S appuser -G appgroup COPY --from=builder /app/app /usr/local/bin/app COPY --from=builder /app/server.crt /etc/ssl/certs/ COPY --from=builder /app/server.key /etc/ssl/private/ RUN chown appuser:appgroup /usr/local/bin/app && \ chmod 755 /usr/local/bin/app && \ chmod 644 /etc/ssl/certs/server.crt && \ chmod 644 /etc/ssl/private/server.key WORKDIR /home/appuser USER appuser EXPOSE 443 HEALTHCHECK --interval=30s --timeout=3s \ CMD wget --no-check-certificate -qO- https://localhost/healthz || exit 1 ENTRYPOINT ["app", "--cert", "/etc/ssl/certs/server.crt", "--key", "/etc/ssl/private/server.key"] ``` 6、编写.dockerignore ``` [root@localhost demo5]# vim .dockerignore ``` 文件内容如下: ``` Dockerfile ``` 7、目录结构 ``` [root@localhost demo5]# ls -a . .. Dockerfile .dockerignore go.mod go.sum main.go ``` 8、构建镜像 ``` [root@localhost demo5]# docker build -t https-server:1.0 . ``` 9、查看镜像 ``` [root@localhost demo5]# docker images ``` 10、运行容器 ``` [root@localhost demo5]# docker run --rm --name hs -d -p 443:443 https-server:1.0 [root@localhost demo5]# docker ps ``` 11、访问测试 ``` [root@localhost demo5]# curl -k https://localhost Hello, HTTPS! ```