NGINX、Docker-Compose、SSL 反向代理失败(111:连接被拒绝)

时间:2021-01-12 03:26:25

标签: docker nginx ssl docker-compose reverse-proxy

我正在尝试让 docker-compose 为 ssl 使用 nginx 反向代理。我在网上看了几个不同的教程,下面是答案的最佳近似。但是,我在 nginx 中收到 502 Bad Gateway Error 和以下错误。我不知道为什么。 https 似乎工作(因为它路由到错误页面),但我不知道这里发生了什么。有什么想法吗?

production_nginx | 2021/01/12 02:54:34 [error] 29#29: *1 connect() failed (111: Connection refused) while connecting to upstream, client: <IP_ADDRESS_HERE>, server: www.websiteunderdevelopment.com, request: "GET / HTTP/1.1", upstream: "http://172.21.0.4:3001/", host: "www.websiteunderdevelopment.net"

这里是 docker 容器 -

version: "3.3"
services:
  nginx:
    image: nginx:latest
    container_name: production_nginx
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./error_log:/etc/nginx/error_log.log
      - ./nginx/cache/:/etc/nginx/cache
      - /etc/letsencrypt/:/etc/letsencrypt/
    ports:
      - 80:80
      - 443:443
    depends_on:
      - blog
      - api
      - db
  blog:
    container_name: blog
    build: ./blog
    ports:
       - 3001:3000
    expose:
       - "3000"
       - "3001"
       - "80"
    depends_on:
      - api
  api:
    container_name: api
    build: ./api
    restart:  always
    ports:
      - 4001:4000
    expose:
      - "4000"
      - "4001"
    depends_on:
      - db
    command: ["./wait-for-it.sh", "http://localhost:3306", "--", "npm", "start"]
    volumes:
      - ./api:/var/lib/api
  db:
    container_name: db
    build: ./db
    command: --default-authentication-plugin=mysql_native_password
    restart: always
    ports:
      - "3306:3306"
    environment:
      - MYSQL_ALLOW_EMPTY_PASSWORD=True
      - MYSQL_DATABASE=blog
      - MYSQL_USER=SUFUPDFD      
      - MYSQL_ROOT_PASSWORD=NEST
      - MYSQL_PASSWORD=SUPERSECCRETT
    volumes:
      - db_data:/var/lib/mysql
volumes:
  db_data: {}

这是我的 nginx 文件 -

events{}


http{
 server {
    listen 80;
    listen 443 ssl;
    server_name  www.websiteunderdevelopment.com websiteunderdevelopment.com;
    ssl_certificate /etc/letsencrypt/live/www.websiteunderdevelopment.net/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.websiteunderdevelopment.net/privkey.pem;

    location / {
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Host $host:443;
       proxy_set_header X-Forwarded-Port 443;
       proxy_set_header X-Forwarded-Server $host;
       proxy_set_header X-Forwarded-Proto https;
       proxy_pass http://blog:3001/;
    }

    location /api {
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Host $host:443;
       proxy_set_header X-Forwarded-Port 443;
       proxy_set_header X-Forwarded-Server $host;
       proxy_set_header X-Forwarded-Proto https;
       proxy_pass http://api:4001/;
    }
 }
}

0 个答案:

没有答案
相关问题
最新问题