因此,我正在研究docker-compose脚本,以构建网络托管实现。这是我的docker-compose.yml
version: '3'
services:
#this is a supporting app for my main app.
keymanager:
image: keymanager
deploy:
replicas: 1
ports:
- '3220:3220'
networks:
- privnet
#this is my application
app:
image: app
depends_on:
- keymanager
deploy:
replicas: 1
ports:
- '3201:3201'
networks:
- privnet
- web
certbot:
image: certbot/certbot
volumes:
- ./certbot/conf:/etc/letsencrypt
- ./certbot/www:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
nginx:
image: nginx:alpine
deploy:
replicas: 1
command: '/bin/sh -c ''while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g "daemon off;"'''
volumes:
- ./nginx:/etc/nginx/conf.d/
- ./certbot/conf:/etc/letsencrypt
- ./certbot/www:/var/www/certbot
ports:
- 8001:80
- 4431:443
networks:
- web
ddclient:
image: linuxserver/ddclient
environment:
- PGID=1000
- PUID=1000
- TZ=Americas/NewYork
volumes:
- ./ddclient:/config
networks:
- web
networks:
privnet:
internal: true
web:
我有我的后台应用程序在端口3201上侦听,并且我相信我已将nginx配置为proxy_pass到docker网络中的该端口。这是我的(非常基本的)配置:
server {
listen 80;
server_name <domainName.tld>;
location / {
return 301 https://$host$request_uri;
}
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
server {
listen 443 ssl;
server_name christopherrutherford.net;
ssl_certificate /etc/letsencrypt/live/<domainName.tld>/fullchain.pem;
ssl_certificate /etc/letsencrypt/live/<domainName.tld>/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass app:3201;
}
}
我还启动了linuxserver/ddclient并使用我的GoogleDNS设置运行。
这应该将我的域指向我的本地IP地址,并且已经在主机和路由器上的防火墙上打开了端口,但似乎与此无关。我进入我的域,并超时。我还转到本地的nginx端口(在浏览器中使用localhost),也获得了超时。
这是我的ddclient.conf
protocol=dyndns2
use=web
server=domains.google.com
ssl=yes
login=<from goog.dns>
password=<from goog.ddns>
@.<domainName.tld>
我在配置中缺少什么吗?