我试图隐藏部署容器的端口,并使用ProxyPass保留原始url。我可能错误地配置了一些东西,因为不是简单地保留原始地址,而是重定向到容器地址(example.com:8014而不是保留subdomain.example.com)。HTTP响应是:301 Moved permanent (from service worker)。
这是包含代理的虚拟主机:
<VirtualHost *:80>
ServerName subdomain.example.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =subdomain.example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin@example.com
ServerName subdomain.example.com
ServerAlias subdomain.example.com
LoadModule proxy_http_module modules/mod_proxy_http.so
SSLProxyEngine On
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/subdomain.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.example.com/privkey.pem
ProxyPreserveHost On
ProxyPass / https://example.com:8014/
ProxyPassReverse / https://example.com:8014/
</VirtualHost>
这是容器中的虚拟主机:
<VirtualHost *:80>
ServerName example.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com:8014
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
ServerAdmin admin@example.com
ServerName example.com
<Directory /var/www/html>
AllowOverride All
</Directory>
SSLEngine On
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLOptions +StrictRequire
SSLCertificateFile /etc/apache2/fullchain.pem
SSLCertificateKeyFile /etc/apache2/privkey.pem
</VirtualHost>
容器端口映射如下:80->8012, 443->8014。
我的目标是到达example.com:8014使用subdomain.example.com不改变地址。另外,我甚至不知道为什么当使用example.com:8012时,我没有被重定向到端口8014的https。问题一定是在容器虚拟主机上,因为它正在生成301状态码。
配置工作正常。我建议清除谷歌浏览器的缓存时,这样的事情发生。