在nginx / nxgin-proxy容器中使用Nextcloud来处理其他服务

时间:2017-08-19 15:23:14

标签: docker nginx nextcloud jwilder-nginx-proxy

我正在尝试使用nextcloud:fpm泊坞窗图片和nginx泊坞窗图片运行neginx-proxy泊坞窗图片,并尝试提供除netxcloud之外的多项服务(对于instace sonarr,等)来自相同的nginx图像。

为了做到这一点,我想配置所有内容,以便在我尝试时:http//my-server.com/nextcloud我会看到nexcloud,当我做``http // my-server.com / sonarr`时,我会去声纳服务。

我创建了一个目录,如: nginx我拥有与nginx相关的所有内容。 在nginx nextcloud`里面我配置nexcloud。

nginx中,docker-compose.yml为:

version: '2'
services:
  proxy:
    image: jwilder/nginx-proxy
    container_name: proxy
    ports:
      - 80:80
      - 443:443
    volumes:
      - /mnt/server/proxy/conf.d:/etc/nginx/conf.d
      - /mnt/server/proxy/vhost.d:/etc/nginx/vhost.d
      - /mnt/server/proxy/html:/usr/share/nginx/html
      - /mnt/server/proxy/certs:/etc/nginx/certs:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
    networks:
      - proxy-tier
    restart: always

  letsencrypt-companion:
    image: alastaircoote/docker-letsencrypt-nginx-proxy-companion
    container_name: letsencrypt-companion
    volumes_from:
      - proxy
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /mnt/server/proxy/certs:/etc/nginx/certs:rw
    restart: always

  web:
    # image: nginx:alpine
    image: nginx
    container_name: nginx-webserver
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
      - /mnt/server/nextcloud:/var/www/html/nextcloud/
    external_links:
      - nextcloud
    environment:
      - VIRTUAL_HOST=my-server.com
      - VIRTUAL_NETWORK=nginx-proxy
      - VIRTUAL_PORT=80
      - LETSENCRYPT_HOST=my-server.com
      - LETSENCRYPT_EMAIL=myemail@google.com
    networks:
      - proxy-tier
    restart: always

networks:
  proxy-tier:
    external:
      name: nginx-proxy

nginx.conf

user www-data;

events {
  worker_connections 768;
}

http {
  upstream docker-nextcloud {
      server nextcloud:9000;
  }

  server {
    listen 80;

    location /nextcloud {
      proxy_pass          http://docker-nextcloud;
      proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header    X-Real-IP $remote_addr;
      proxy_set_header    Host $http_host;
      server_name_in_redirect on;
    }

nextcloud目录docker-compose.yml

version: '2'
services:
  nextcloud:
    image: nextcloud:fpm
    container_name: nextcloud
    links:
      - db
    volumes:
      - /mnt/server/nextcloud:/var/www/html/nextcloud/
      - /mnt/server/nextcloud/apps:/var/www/html/nextcloud/apps/
      - /mnt/server/nextcloud/config:/var/www/html/nextcloud/config/
      - /mnt/server/nextcloud/data:/var/www/html/nextcloud/data/
    networks:
      - proxy-tier
    restart: always

  db:
    image: postgres
    container_name: db
    volumes:
      - /mnt/server/nextcloud/db:/var/lib/postgresql/
    environment:
      - POSTGRES_DB=nextcloud
      - POSTGRES_USER=nextcloud
      - POSTGRES_PASSWORD=somepassword
    networks:
      - proxy-tier
    restart: always

networks:
  proxy-tier:
    external:
      name: nginx-proxy

这一切都失败了nginx泊坞窗容器日志中的消息:

2017/08/19 15:05:09 [error] 8#8: *3 recv() failed (104: Connection reset by peer) while reading response header from upstream, client:
172.18.0.6, server: , request: "GET /nextcloud/ HTTP/1.1", upstream: "http://172.18.0.4:9000/nextcloud/", host: "my-server.com"
172.18.0.6 - - [19/Aug/2017:15:05:09 +0000] "GET /nextcloud/ HTTP/1.1" 502 173 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:55.0) Gecko/20100101 Firefox/55.0"

2 个答案:

答案 0 :(得分:1)

以下几行真的是危险,我建议不要记录以外的任何其他卷映射:

  - /mnt/server/nextcloud:/var/www/html/nextcloud/
  - /mnt/server/nextcloud/apps:/var/www/html/nextcloud/apps/
  - /mnt/server/nextcloud/config:/var/www/html/nextcloud/config/
  - /mnt/server/nextcloud/data:/var/www/html/nextcloud/data/

背后的原因是入口点脚本为/var/www/html的所有文件执行rsync并删除他们未排除的所有内容。因此,rsync脚本会尝试删除/var/www/html/nextcloud以及所有数据。

实际上如果版本不同,它在内部是如何工作的:将所有文件从一个文件夹复制到/ var / www / html 并删除除了一小组被排除的文件夹(例如/ data)之外的所有文件。这就是为什么它无法找到所需文件的原因:它们只能复制到/ var / www / html而不是复制到/ var / www / html / nextcloud所在的位置。

我看到以下选项作为解决方法:

  • 使用nextcloud:apache图像,只需使用nginx作为反向代理重写它:

    location /nextcloud/ {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://nextcloud:80; # nexcloud is the name of the container
        client_max_body_size 1000M;
        rewrite ^/nextcloud(/.*)$ $1 break;
    } 
    
  • 使用两个nginx系统(在不同的端口或不同的实例上):一个使用nextcloud:fpm(如nextcloud)会收听/,另一个会重写/nextcloud(请参阅前一点中的配置)

修改nginx以使用fpm并重写它看起来真的很痛苦,你需要确保各种重写不重叠。我尝试了一些事情而且效果不好,因此我自己抛弃了这种方法。使用默认值的一个好处是使用Nextcloud推荐的nginx配置,版本之间可能会有所不同。

答案 1 :(得分:0)

我正在使用这个设置,它工作得很好:

NGINX REVERSE PROXY:

version: '3'
services:
  nginx-web:
    image: nginx
    labels:
        com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
    container_name: ${NGINX_WEB}
    restart: always
    ports:
      - "${IP}:80:80"
      - "${IP}:443:443"
    volumes:
      - ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:ro
      - ${NGINX_FILES_PATH}/htpasswd:/etc/nginx/htpasswd:ro

  nginx-gen:
    image: jwilder/docker-gen
    command: -notify-sighup ${NGINX_WEB} -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
    container_name: ${DOCKER_GEN}
    restart: always
    volumes:
      - ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:ro
      - ${NGINX_FILES_PATH}/htpasswd:/etc/nginx/htpasswd:ro
      - /var/run/docker.sock:/tmp/docker.sock:ro
      - ./nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro

  nginx-letsencrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    container_name: ${LETS_ENCRYPT}
    restart: always
    volumes:
      - ${NGINX_FILES_PATH}/conf.d:/etc/nginx/conf.d
      - ${NGINX_FILES_PATH}/vhost.d:/etc/nginx/vhost.d
      - ${NGINX_FILES_PATH}/html:/usr/share/nginx/html
      - ${NGINX_FILES_PATH}/certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    environment:
      NGINX_DOCKER_GEN_CONTAINER: ${DOCKER_GEN}
      NGINX_PROXY_CONTAINER: ${NGINX_WEB}

networks:
  default:
    external:
      name: ${NETWORK}

这是为Nextcloud容器设置的:

version: '3'

services:
   cloud-db:
     container_name: ${DB_CONTAINER_NAME}
     image: mariadb:latest
     restart: unless-stopped
     volumes:
        - ${LOCAL_DB_DIR}:/var/lib/mysql
     environment:
       MYSQL_DATABASE: ${MYSQL_DATABASE}
       MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
       MYSQL_USER: ${MYSQL_USER}
       MYSQL_PASSWORD: ${MYSQL_PASSWORD}

   cloud-app:
     depends_on:
       - cloud-db
     container_name: ${APP_CONTAINER_NAME}
     image: nextcloud:latest
     restart: unless-stopped
     volumes:
       - ${LOCAL_DATA_DIR}:/var/www/html
       - ${LOCAL_CONF_DIR}:/var/www/html/config
       - ${LOCAL_APPS_DIR}:/var/www/html/apps
     environment:
       NEXTCLOUD_ADMIN_USER: ${NEXTCLOUD_ADMIN_USER}
       NEXTCLOUD_ADMIN_PASSWORD: ${NEXTCLOUD_ADMIN_PASSWORD}
       NEXTCLOUD_DATA_DIR: ${NEXTCLOUD_DATA_DIR}
       NEXTCLOUD_TABLE_PREFIX: ${NEXTCLOUD_TABLE_PREFIX}
       VIRTUAL_HOST: ${VIRTUAL_HOST}
       LETSENCRYPT_HOST: ${LETSENCRYPT_HOST}
       LETSENCRYPT_EMAIL: ${LETSENCRYPT_EMAIL}
       MYSQL_DATABASE: ${MYSQL_DATABASE}
       MYSQL_USER: ${MYSQL_USER}
       MYSQL_PASSWORD: ${MYSQL_PASSWORD}
       MYSQL_HOST: ${MYSQL_HOST}

networks:
    default:
       external:
         name: ${NETWORK}

所有人都来自这里:

  1. Docker-Compose-LetsEncrypt-Nginx-Proxy-Companion

  2. Docker-Nextcloud-LetsEncrypt

  3. 编辑:

    正如您提到的FPM图像,您必须为Nextcloud容器添加以下环境选项:

    environment:
      [..]
      VIRTUAL_ROOT: /var/www/html
      VIRTUAL_PROTO: fastcgi
    

    或者您可以按照Nextcloud示例:

    https://github.com/nextcloud/docker/tree/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm