我已经阅读了文档,但是在不涉及Docker的情况下,我无法弄清楚如何配置Traefik v2以替换Nginx作为网站(虚拟主机)的反向代理。理想情况下,也应该让我们将https加密。
我有一个在http://127.0.0.1:4000上运行的服务,我想将代理从http://myhost.com:80撤消
这是我到目前为止提出的配置:
[Global]
checkNewVersion = true
[log]
level = "DEBUG"
filePath = "log-file.log"
[accessLog]
filePath = "log-access.log"
bufferingSize = 100
[entrypoints]
[entrypoints.http]
address = ":80"
[http]
[http.routers]
[http.routers.my-router]
rule = "Host(`www.myhost.com`)"
service = "http"
entrypoint=["http"]
[http.services]
[http.services.http.loadbalancer]
[[http.services.http.loadbalancer.servers]]
url = "http://127.0.0.1:4000"
答案 0 :(得分:3)
我知道了, 第一部分要注意的是,traefik v2中有两种配置类型,静态配置和动态配置。因此,我创建了两个文件traefik.toml和traefik-dynamic.toml。
traefik.toml的内容:
[log]
level = "DEBUG"
filePath = "log-file.log"
[accessLog]
filePath = "log-access.log"
bufferingSize = 100
[providers]
[providers.file]
filename = "traefik-dynamic.toml"
[api]
dashboard = true
debug = true
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.web-secure]
address = ":443"
[entryPoints.dashboard]
address = ":8080"
[certificatesResolvers.sample.acme]
email = "myemail@example.com"
storage = "acme.json"
[certificatesResolvers.sample.acme.httpChallenge]
# used during the challenge
entryPoint = "web"
traefik-dynamic.toml:
[http]
# Redirect to https
[http.middlewares]
[http.middlewares.test-redirectscheme.redirectScheme]
scheme = "https"
[http.routers]
[http.routers.my-router]
rule = "Host(`www.example.com`)"
service = "phx"
entryPoints = ["web-secure"]
[http.routers.my-router.tls]
certResolver = "sample"
[http.services]
[http.services.phx.loadbalancer]
[[http.services.phx.loadbalancer.servers]]
url = "http://127.0.0.1:4000"
答案 1 :(得分:2)
您还可以使用Traefik v2将代理反向转换为在本地主机上运行的服务,而无需使用Nginx,如此处所述,使用Traefik的 File (而不是 Docker 提供程序)。
首先,通过更新myhost.com
将呼叫通过localhost
路由到/etc/hosts
,例如:
127.0.0.1 myhost.com
创建一个最小的docker-compose.yml
,例如:
version: "3.7"
services:
proxy:
image: traefik:2.0
command:
- "--providers.file.filename=/etc/traefik/proxy-config.toml"
- "--entrypoints.web.address=:80"
ports:
- "80:80"
volumes:
- ./proxy-config.toml:/etc/traefik/proxy-config.toml:ro
此Compose文件创建一个只读卷,其中包含根据要求代表Nginx的Traefik反向代理的动态配置。它为Traefik使用 File 提供程序,而不是 Docker ,并且将空白HTTP地址映射到入口点的端口80
。这本身就是一个完整的Compose文件。除此之外,还需要Traefik的反向代理配置。
在同一目录中配置Traefik反向代理proxy-config.toml
:
[http.routers.test-streamrouter]
rule = "Host(`myhost.com`)"
service = "test-loadbalancer"
entryPoints = ["web"]
[[http.services.test-loadbalancer.loadBalancer.servers]]
url = "http://host.docker.internal:4000"
这是一个完整的示例反向代理。中间件可以增强它的功能,以执行URL重写,更新域名甚至重定向用户(如果您这样做)。如this answer所示,使用单个负载均衡器。并且host.docker.internal
用于返回主机的internal networking address。
注意:在撰写本文时,"host.docker.internal"
仅适用于Mac的Docker,在Linux上将失败。但是,您也许可以改用Compose服务名称(即"proxy"
)。
一旦完成这项工作,就可以使用TRAEFIK_PROVIDERS_FILE_FILENAME
环境变量来设置“让我们加密”内容或在开发配置和生产配置之间交换。
答案 2 :(得分:0)
您可以
请注意,在yaml和toml文件中,您需要注意属性的小写字母。在docker中,loadbalancer
是loadBalencer
,而您需要在配置文件中写入http:
middlewares:
docs:
stripPrefix:
prefixes:
- "/docs"
restapi:
stripPrefix:
prefixes:
- "/api/v1"
routers:
restapi:
rule: "PathPrefix(`/api/v1`)"
middlewares:
- "restapi"
service: "restapi"
entryPoints:
- http
docs:
rule: "PathPrefix(`/docs`)"
middlewares:
- "docs"
service: "docs"
entryPoints:
- http
client:
rule: "PathPrefix(`/`)"
service: "client"
entryPoints:
- http
help:
rule: "PathPrefix(`/server/sicon/help`)"
services:
restapi:
loadBalancer:
servers:
- url: "http://sicon_backend:1881"
docs:
loadBalancer:
servers:
- url: "http://sicon_backend:1882"
client:
loadBalancer:
servers:
- url: "http://sicon_client"
。
/identitytoolkit/v3/relyingparty/signupNewUser