我想要:
(1)https://example.com使用SSL提供静态内容
(2)https://sub.example.com/myapp用于使用SSL从NodeJS提供动态内容。
我有一个域example.com和一个子域sub.example.com。我有一个其中包含nginx和nodejs应用程序的Docker容器。在Digital Ocean上使用Ubuntu。
我收到502 Bad Gateway错误。不确定是否可以正常工作,如何解决。
docker-compose.yml:
version: '3'
services:
nginx:
image: nginx:1.15-alpine
restart: unless-stopped
volumes:
- ./data/nginx:/etc/nginx/conf.d
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
- ./data/nginx/html:/etc/nginx/html
ports:
- "80:80"
- "443:443"
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot:
image: certbot/certbot
restart: unless-stopped
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
node:
image: node:11
volumes:
- ./data/node:/usr/local/src/node
ports:
- "8080:8080"
working_dir: /usr/local/src/node/myapp
command: node server.js
nginx.conf:
server {
listen 80;
server_name example.com;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name example.com;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location /myapp {
proxy_pass http://localhost:8080;
}
}