我正在尝试让 docker-compose 为 ssl 使用 nginx 反向代理。我在网上看了几个不同的教程,下面是答案的最佳近似。但是,我在 nginx 中收到 502 Bad Gateway Error 和以下错误。我不知道为什么。 https 似乎工作(因为它路由到错误页面),但我不知道这里发生了什么。有什么想法吗?
production_nginx | 2021/01/12 02:54:34 [error] 29#29: *1 connect() failed (111: Connection refused) while connecting to upstream, client: <IP_ADDRESS_HERE>, server: www.websiteunderdevelopment.com, request: "GET / HTTP/1.1", upstream: "http://172.21.0.4:3001/", host: "www.websiteunderdevelopment.net"
这里是 docker 容器 -
version: "3.3"
services:
nginx:
image: nginx:latest
container_name: production_nginx
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf
- ./error_log:/etc/nginx/error_log.log
- ./nginx/cache/:/etc/nginx/cache
- /etc/letsencrypt/:/etc/letsencrypt/
ports:
- 80:80
- 443:443
depends_on:
- blog
- api
- db
blog:
container_name: blog
build: ./blog
ports:
- 3001:3000
expose:
- "3000"
- "3001"
- "80"
depends_on:
- api
api:
container_name: api
build: ./api
restart: always
ports:
- 4001:4000
expose:
- "4000"
- "4001"
depends_on:
- db
command: ["./wait-for-it.sh", "http://localhost:3306", "--", "npm", "start"]
volumes:
- ./api:/var/lib/api
db:
container_name: db
build: ./db
command: --default-authentication-plugin=mysql_native_password
restart: always
ports:
- "3306:3306"
environment:
- MYSQL_ALLOW_EMPTY_PASSWORD=True
- MYSQL_DATABASE=blog
- MYSQL_USER=SUFUPDFD
- MYSQL_ROOT_PASSWORD=NEST
- MYSQL_PASSWORD=SUPERSECCRETT
volumes:
- db_data:/var/lib/mysql
volumes:
db_data: {}
这是我的 nginx 文件 -
events{}
http{
server {
listen 80;
listen 443 ssl;
server_name www.websiteunderdevelopment.com websiteunderdevelopment.com;
ssl_certificate /etc/letsencrypt/live/www.websiteunderdevelopment.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.websiteunderdevelopment.net/privkey.pem;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host:443;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://blog:3001/;
}
location /api {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host:443;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://api:4001/;
}
}
}