Nginx
Nginx 處理 SSL 和代理傳遞到 docker 中的 HTTP 後端,但嘗試繼續提供本地內容
我嘗試設置一個 docker-compose 環境,其中 Nginx 容器接收 HTTPS 請求,處理 SSL 並將它們反向代理到僅實現 HTTP 的 dotnet-core 應用程序。
這個話題已經在這裡討論過好幾次了,我試圖創建一個最小的配置來達到這個目的(類似於這個:NGINX SSL Pass-thru and Docker)
問題是,儘管 Nginx 被配置為對 dotnet-core 應用程序的 proxy_pass 請求,但該應用程序仍以 404 響應,該應用程序目前僅對所有請求響應“Hello world”。
nginx_1 | 2021/06/25 04:07:54 [error] 24#24: *1 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 210.61.91.199, server: tgdev.pillepalle1.de, request: "GET / HTTP/1.1", host: "tgdev.pillepalle1.de"
我與容器連接並從那裡提取設置
root@70e20feb4fae:/etc/nginx# ls -l
total 32 drwxr-xr-x 1 root root 4096 Jun 25 01:49 conf.d -rw-r--r-- 1 root root 1007 May 25 12:28 fastcgi_params -rw-r--r-- 1 root root 5290 May 25 12:28 mime.types lrwxrwxrwx 1 root root 22 May 25 13:01 modules -> /usr/lib/nginx/modules -rw-r--r-- 1 root root 648 May 25 13:01 nginx.conf -rw-r--r-- 1 root root 636 May 25 12:28 scgi_params -rw-r--r-- 1 root root 664 May 25 12:28 uwsgi_params
root@70e20feb4fae:/etc/nginx# cat nginx.conf
user nginx; worker_processes auto; error_log /var/log/nginx/error.log notice; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 65; #gzip on; include /etc/nginx/conf.d/*.conf; }
root@70e20feb4fae:/etc/nginx/conf.d# ls
certbot.conf default.conf
root@70e20feb4fae:/etc/nginx/conf.d# cat default.conf
server { listen 80; listen [::]:80; server_name localhost; location / { # return 301 https://$host/$request_uri; proxy_pass http://tgwebapp:80; } } server { listen 443 ssl; listen [::]:443 ssl; server_name localhost; ssl_certificate /etc/letsencrypt/live/this/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/this/privkey.pem; location / { proxy_pass http://tgwebapp:80; } }
root@70e20feb4fae:/etc/nginx/conf.d# cat certbot.conf
server { listen 80; listen [::]:80; server_name localhost; location /.well-known/ { proxy_pass http://certbot; } }
沒有 nginx 應該導致服務的條目
/etc/nginx/html/index.html
。我錯過了什麼?
您設置了兩個重複的虛擬主機,一個
certbot.conf
在default.conf
. 兩個虛擬主機都在埠 80 和server_name
localhost
. 因此 nginx 會忽略另一個並始終使用第一個。要解決此問題,請刪除
certbot.conf
並使用以下內容default.conf
:server { listen 80; listen [::]:80; server_name localhost; location /.well-known/ { proxy_pass http://certbot; } location / { # return 301 https://$host/$request_uri; proxy_pass http://tgwebapp:80; } }