我正在使用Traefik使用Letsencrypt实现反向代理Apache Docker容器。一切正常,除非后端为某些资源返回301/302重定向。 例如:
curl https://example.com/js/conf.js
> GET /js/conf.js HTTP/2
> Host: example.com
> User-Agent: curl/7.64.0
> Accept: */*
>
< HTTP/2 302
< cache-control: no-store, no-cache, must-revalidate
< content-type: text/html; charset=iso-8859-1
< date: Wed, 27 Mar 2019 16:50:05 GMT
< expires: Thu, 01 Jan 1970 00:00:00 GMT
< location: http://example.com/it/js/conf.js
< server: Apache/2.4.34 (Unix) OpenSSL/1.0.2l
< content-length: 224
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://example.com/it/js/conf.js">here</a>.</p>
</body></html>
我希望traefik将位置标头设置为https://example.com/it/js/conf.js
。
这是我正在使用的配置:
debug = true
logLevel = "info"
defaultEntryPoints = ["https","http"]
#[accessLog]
[api]
dashboard = true
[entryPoints]
[entryPoints.http]
address = ":80"
[entryPoints.https]
address = ":443"
[entryPoints.https.tls]
[retry]
[docker]
endpoint = "unix:///var/run/docker.sock"
watch = true
exposedByDefault = false
[acme]
email = "test@example.com"
storage = "/etc/traefik/acme/acme.json"
entryPoint = "https"
onHostRule = true
[acme.httpChallenge]
entryPoint = "http"
我正在运行带有以下标签的容器:
--label traefik.enable=true --label traefik.website.frontend.rule=Host:example.com --label traefik.frontend.redirect.entryPoint=https
答案 0 :(得分:0)
我在traefik和gunicorn here上遇到了类似的问题。在我的情况下,我必须传递X-FORWARDED_PROTO
标头,以使Web服务器知道初始连接是通过HTTPS完成的。这可能就是您的Apache重定向到HTTP的原因。