我尝试做什么的解释:
我在ip 192.168.1.10(docker反向代理(和192.168.1.20(其他服务(上有两个服务器。我希望10将请求重定向到20(其中许多请求使用SSL(。
示例:
用户请求nginx配置在端口80上有反向代理。如果您想将代理反向到其他容器之一,请将lacalhost更改为您为容器指定的任何服务名称。例如http://nginx_external:80
如果这不起作用,请尝试将您的配置修改为以下行:
upstream app {
server app:8080;
}
server {
listen 80;
listen [::]:80;
server_name <your_host_here>;
return 301 https://<your_host_here>$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 http2;
server_name <your_host_here>;
ssl_certificate /etc/nginx/ssl/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/key.key;
location / {
proxy_pass http://app;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
}
}
以上内容在我自己的开发容器堆栈中进行了尝试和测试
这是对我们有效的配置:
注释:
缺少一些详细信息,例如nginx.conf
文件自动采用server_name
字段中的example_external.host.com
,但稍后会出现。
另一方面,您必须小心DEFAULT_HOST=
,如果它被声明,您可能会得到错误。我建议对它进行评论,直到它工作,然后取消对它的注释
我建议使用以下命令:docker-compose up -d --remove-orphans --build
文件:
docker-compase.yaml:
version: '3'
services:
nginx-proxy:
image: budry/jwilder-nginx-proxy-arm:0.6.0
restart: always
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- certs:/etc/nginx/certs:ro
- confd:/etc/nginx/conf.d
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
labels:
- com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
# environment:
# - DEFAULT_HOST=example_internal.host.com
networks:
- frontend
letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion:stable
restart: always
volumes:
- certs:/etc/nginx/certs:rw
- confd:/etc/nginx/conf.d
- vhostd:/etc/nginx/vhost.d
- html:/usr/share/nginx/html
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- DEFAULT_EMAIL=example@email.com
networks:
- frontend
nginx_external1:
container_name: tests
restart: always
build:
context: ./scm-proxy
expose:
- "80"
environment:
- VIRTUAL_HOST=example_external.host.com
- LETSENCRYPT_HOST=example_external.host.com
- LETSENCRYPT_EMAIL=example@email.com
extra_hosts:
- "example_external.host.com:192.168.1.20"
depends_on:
- nginx-proxy
- letsencrypt
networks:
- frontend
networks:
frontend:
driver: bridge
scm-proxy/Dockerfile:
FROM nginx:stable-alpine
COPY nginx.conf /etc/nginx/nginx.conf
scm-proxy/nginx.conf:
events {
worker_connections 1024;
}
http {
server {
listen 80;
listen [::]:80;
server_name example_external.host.com;
#
location / {
# proxy_pass http://example.com;
# proxy_pass http://192.168.1.20;
proxy_pass http://example_external.host.com;
}
}
}
特别感谢@richardsefton对的奉献