我正在使用Docker-compose和Traefik与Let'sencrypt在生产中测试cookiecutter-django。我正在尝试将其配置为使用 Django 站点处理 2 个域(mydomain1.com 和 mydomain2.com(。
如何配置 Traefik 以便它可以将流量转发到必要的域?
这是我的traefik.toml
logLevel = "INFO"
defaultEntryPoints = ["http", "https"]
# Entrypoints, http and https
[entryPoints]
# http should be redirected to https
[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"
# https is the default
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
# Enable ACME (Let's Encrypt): automatic SSL
[acme]
# Email address used for registration
email = "mail@mydomain1.com"
storage = "/etc/traefik/acme/acme.json"
entryPoint = "https"
onDemand = false
OnHostRule = true
# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge
[acme.httpChallenge]
entryPoint = "http"
[file]
[backends]
[backends.django]
[backends.django.servers.server1]
url = "http://django:5000"
[frontends]
[frontends.django]
backend = "django"
passHostHeader = true
[frontends.django.headers]
HostsProxyHeaders = ['X-CSRFToken']
[frontends.django.routes.dr1]
rule = "Host:mydomain1.com"
现在所有域都通过 ssl 工作,但我只能看到 mydomain1.com,mydomain2.com 显示ERR_TOO_MANY_REDIRECTS。
你试过什么?什么不起作用?通过阅读您的问题,很难说。
您似乎在 cc-django 存储库中打开的问题中有一个答案元素。
首先,我会尝试将 Traefik 排除在等式之外,并通过按照建议做一些事情在本地完成这项工作。一旦它在本地工作,就需要将正确的端口/容器映射到 Traefik 中的正确域。
假设您已经将 docker-compose 配置为在端口 5000 和 5001 上运行 django 容器,我认为您需要调整后端和前端部分,如下所示:
[backends]
[backends.django1]
[backends.django1.servers.server1]
url = "http://django:5000"
[backends.django2]
[backends.django2.servers.server1]
url = "http://django:5001"
[frontends]
[frontends.django1]
backend = "django1"
passHostHeader = true
[frontends.django1.headers]
HostsProxyHeaders = ['X-CSRFToken']
[frontends.django1.routes.dr1]
rule = "Host:mydomain1.com"
[frontends.django2]
backend = "django2"
passHostHeader = true
[frontends.django2.headers]
HostsProxyHeaders = ['X-CSRFToken']
[frontends.django2.routes.dr1]
rule = "Host:mydomain2.com"
我没有尝试这些,但这将是我要做的第一件事。此外,看起来我们可以在前端指定规则来调整路由。