Question

我想用Nginx运行一个docker-compose，它只是其他docker-compose服务的代理。

这是我的docker-compose.yml with proxy：

version: '2'

services:
    storage:
        image: nginx:1.11.13
        entrypoint: /bin/true
        volumes:
            - ./config/nginx/conf.d:/etc/nginx/conf.d
            - /path_to_ssl_cert:/path_to_ssl_cert
    proxy:
        image: nginx:1.11.13
        ports:
            - "80:80"
            - "443:443"
        volumes_from:
            - storage
        network_mode: "host"

因此它会抓取到端口80或443的所有连接，并将它们代理到./config/nginx/conf.d目录中指定的服务。

以下是示例服务./config/nginx/conf.d/domain_name.conf：

server {
    listen 80;
    listen 443 ssl;
    server_name domain_name.com;

    ssl_certificate     /path_to_ssl_cert/cert;
    ssl_certificate_key /path_to_ssl_cert/privkey;

    return 301 https://www.domain_name.com$request_uri;
}

server {
    listen 80;
    server_name www.domain_name.com;

    return 301 https://www.domain_name.com$request_uri;

#    If you uncomment this section and comment return line it's works
#    location ~ {
#        proxy_pass http://localhost:8888;
#        # or proxy to https, doesn't matter 
#        #proxy_pass https://localhost:4433;
#    }
}

server {
    listen 443 ssl;
    server_name www.domain_name.com;

    ssl on;
    ssl_certificate     /path_to_ssl_cert/cert;
    ssl_certificate_key /path_to_ssl_cert/privkey;

    location ~ {
        proxy_set_header Host            $host;
        proxy_set_header X-Real-IP       $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Client-Verify SUCCESS;
        proxy_set_header X-Client-DN     $ssl_client_s_dn;
        proxy_set_header X-SSL-Subject   $ssl_client_s_dn;
        proxy_set_header X-SSL-Issuer    $ssl_client_i_dn;

        proxy_pass https://localhost:4433;
#       like before
#       proxy_pass http://localhost:8888;
    }
}

它会将所有请求http://domain_name.com，https://domain_name.com和http://www.domain_name.com重定向到https://www.domain_name.com并将其代理到特定的localhost服务。

这是我的特定服务docker-compose.yml

version: '2'

services:
    storage:
        image: nginx:1.11.13
        entrypoint: /bin/true
        volumes:
            - /path_to_ssl_cert:/path_to_ssl_cert
            - ./config/nginx/conf.d:/etc/nginx/conf.d
            - ./config/php:/usr/local/etc/php
            - ./config/php-fpm.d:/usr/local/etc/php-fpm.d
            - php-socket:/var/share/php-socket
    www:
        build:
            context: .
            dockerfile: ./Dockerfile_www
        image: domain_name_www
        ports:
            - "8888:80"
            - "4433:443"
        volumes_from:
            - storage
        links:
            - php
    php:
        build:
            context: .
            dockerfile: ./Dockerfile_php
        image: domain_name_php
        volumes_from:
            - storage

volumes:
    php-socket:

因此，当您转到http://www.domain_name.com:8888或https://www.domain_name.com:4433时，您将获得内容。当您从运行泊坞窗的服务器发出localhost:8888或https://localhost:4433时，您也会收到内容。

现在是我的问题。

当我转到浏览器并输入domain_name.com，www.domain_name.com或https://www.domain_name.com时，没有任何反应。即使我从本地机器卷曲到这个域，我也会超时。

我搜索了一些信息“nginx proxy https to localhost”，但注意到我的工作。

Answer 1

我有解决方案！

当我在network_mode: "host"为我的代理设置docker-compose.yml时，我认为ports:个条目仍然有效，但没有。

现在代理在我的主机网络中工作，因此它使用本地端口并省略ports:中的docker-compose.yml个条目。这意味着我已在我的服务器上手动打开端口80和443。

https代理到localhost后的nginx超时

1 个答案: