我有一个婚礼应用程序与reactjs, nestjs和traefik。我的域名来自hostinger。我有一些问题与https自动重定向。我不知道为什么traefk中间件可以很好地与url api.xxx.net一起工作。但它不能与react客户端一起工作。当我输入xxx.net时,这将导致主机托管程序的默认http页面。尝试将其更改为https,网站可以使用ssl加密。请帮助我在docker-compose或hostinger安装问题中配置错误?谢谢你的帮助!
My DNS record:CNAME www 0 xxx.net 144000 my_server_ip 14400A api 0 my_server_ip 14400
这是我的docker-compose.yml。
version: "3.9"
services:
reverse-proxy:
image: traefik:v2.4
container_name: "traefik"
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.email=my_email@gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "443:443"
- "80:80"
- "8080:8080"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
client:
env_file:
"./client/.env"
build:
context: client
dockerfile: ./Dockerfile
image: wedding_client
container_name: wedding-client-container
ports:
- "3000:3000"
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.wedding-client-container.rule=Host(`xxx.com`)"
- "traefik.http.routers.wedding-client-container.entrypoints=websecure"
- "traefik.http.routers.wedding-client-container.tls.certresolver=myresolver"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
server:
env_file:
"./server/.env"
build:
context: server
dockerfile: ./Dockerfile
image: wedding_server
container_name: wedding-server-container
labels:
- "traefik.enable=true"
- "traefik.http.routers.wedding-server-container.rule=Host(`api.xxx.com`)"
- "traefik.http.routers.wedding-server-container.entrypoints=websecure"
- "traefik.http.routers.wedding-server-container.tls.certresolver=myresolver"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
ports:
- "5001:5001"
restart: always
我的解决方案是:
version: "3.9"
services:
reverse-proxy:
image: traefik:v2.8
container_name: "traefik"
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.websecure.address=:443"
- "--entrypoints.web.address=:80"
- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
- "--entrypoints.web.http.redirections.entryPoint.scheme=https"
- "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
- "--certificatesresolvers.myresolver.acme.email=abc@gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "443:443"
- "80:80"
- "8080:8080"
restart: always
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
client:
env_file:
"./client/.env"
image: thanhdeveloper/wedding_client:latest
container_name: wedding-client-container
ports:
- "3000:3000"
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.wedding-client-container.rule=Host(`nhuthanhwedding.com`)"
- "traefik.http.routers.wedding-client-container.entrypoints=websecure"
- "traefik.http.routers.wedding-client-container.tls.certresolver=myresolver"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
server:
env_file:
"./server/.env"
image: thanhdeveloper/wedding_server:latest
container_name: wedding-server-container
labels:
- "traefik.enable=true"
- "traefik.http.routers.wedding-server-container.rule=Host(`gateway.nhuthanhwedding.com`)"
- "traefik.http.routers.wedding-server-container.entrypoints=websecure"
- "traefik.http.routers.wedding-server-container.tls.certresolver=myresolver"
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
- "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
- "traefik.http.routers.redirs.entrypoints=web"
- "traefik.http.routers.redirs.middlewares=redirect-to-https"
ports:
- "5001:5001"
restart: always
如果你想要一个配置是每个服务(与全局),我认为这应该工作:
version: '3.9'
# ...
##traefik service
# ...
command:
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--providers.docker=true"
- "--providers.docker.exposedByDefault=false"
## app service
# ...
environment:
PRIMARY_DOMAIN: host.com
labels:
- "traefik.enable=true"
- "traefik.http.routers.webapp.rule=Host(`app.${PRIMARY_DOMAIN}`)"
- "traefik.http.routers.webapp.entrypoints=websecure"
- "traefik.http.routers.webapp-http.entrypoints=web"
- "traefik.http.routers.webapp-http.rule=Host(`app.${PRIMARY_DOMAIN}`)"
- "traefik.http.routers.webapp-http.middlewares=webapp-https"
- "traefik.http.middlewares.webapp-https.redirectscheme.scheme=https"