NGINX反向代理背后的ASP.NET Core

时间:2020-09-18 22:19:49

标签: asp.net-core nginx nginx-reverse-proxy nginx-upstreams

我在NGINX反向代理后面尝试运行ASP.NET Core 3应用程序时遇到问题。 我正在遵循此指南: https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-3.1

我正在使用“让我们加密”作为我的SSL证书,并将代理传递给本地网络中的其他计算机。我真的不知道如何解决此问题。我已经尝试使用SSL保护反向代理和Kestrel Server之间的连接,但是仍然无法正常工作。任何帮助将不胜感激。 我的NGINX Site.conf文件如下:

upstream dotnet {
    zone dotnet 64k;
    server 192.168.3.222:5000;
}
server {
    server_name   MyDomain.net *.MyDomain.net;
    location / {
            proxy_pass         http://dotnet;
            proxy_http_version 1.1;
            proxy_set_header   Upgrade $http_upgrade;
            proxy_set_header   Connection keep-alive;
            proxy_set_header   Host $host;
            proxy_cache_bypass $http_upgrade;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Proto $scheme;
            fastcgi_buffers 16 16k;
            fastcgi_buffer_size 32k;
            access_log      /var/log/nginx/MyDomain.access.log;
            error_log       /var/log/nginx/MyDomain.error.log;
    }
    location = /favicon.ico {
            log_not_found off;
    }

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mydomain.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = MyDomain.net) {
    return 301 https://$host$request_uri;
} # managed by Certbot


    listen        80;
    server_name   MyDomain.net;
return 404; # managed by Certbot


}

ASP.NET Core App与NGINX反向代理(本地IP:192.168.3.111)运行在不同的计算机(本地IP:192.168.3.222)上。 如果我在计算机上设置了NGINX反向代理,则ASP.NET Core App正在运行,并且代理传递给127.0.0.1:5000,我可以在本地网络上毫无问题地访问它。 我还配置了Startup.cs以接受我的反向代理:

public void ConfigureServices(IServiceCollection services)
{
// Configure Headers. Required by Nginx RProxy
        services.Configure<ForwardedHeadersOptions>(options =>
        {
            options.ForwardedHeaders =
                ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;                
            options.KnownProxies.Add(IPAddress.Parse("192.168.3.111"));
            options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("192.168.3.0"),24));
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IServiceProvider serviceProvider)
{
// Forward Headers required by Nginx RProxy
        app.UseForwardedHeaders();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
}

如果尝试访问MyDomain.net,则会收到502错误网关。因此,反向代理无法连接到应用程序。文档中的示例在与Kestrel服务器相同的计算机上使用反向代理。 NGINX错误日志如下:

在连接到上游时失败(111:连接被拒绝),客户端:0.0.0.0.1,服务器:mydomain.net,请求:“ GET / HTTP / 1.1”,上游:“ http://192.168.3.222: 5000 / $ ,主机:“ mydomain.net”

装有Kestrel服务器的计算机允许端口5000和5001的传入流量。

0 个答案:

没有答案
相关问题
最新问题