nginx.conf:
user nginx;
worker_processes auto;
pid /tmp/nginx.pid;
# turn off daemon mode to be watched by supervisord
daemon off;
pcre_jit on;
error_log /var/log/nginx/error.log warn;
# events block defines the parameters that affect connection processing.
events {
# Define the maximum number of simultaneous connections that can be opened by a worker process
worker_connections 1024;
}
# SSL configuration
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.example.nl example.nl;
ssl_certificate /etc/letsencrypt/live/example.nl/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.nl/privkey.pem;
# Improve HTTPS performance with session resumption
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
try_files $uri @yourapplication;
}
location @yourapplication {
include uwsgi_params;
uwsgi_pass unix:///tmp/uwsgi.sock;
}
}
uwsgi.ini
[uwsgi]
module = src.main
callable = app
uid = nginx
gid = nginx
socket = /tmp/uwsgi.sock
chown-socket = nginx:nginx
chmod-socket = 664
cheaper = 1
processes = %(%k + 1)
Dockerfile:
FROM python:3.9
RUN apt-get update
RUN apt-get install -y --no-install-recommends \
libatlas-base-dev gfortran nginx supervisor
RUN pip3 install uwsgi
COPY ./requirements.txt /project/requirements.txt
RUN pip3 install -r /project/requirements.txt
RUN useradd --no-create-home nginx
RUN rm /etc/nginx/sites-enabled/default
RUN rm -r /root/.cache
COPY server-conf/nginx.conf /etc/nginx/
# COPY server-conf/flask-site-nginx.conf /etc/nginx/conf.d/
COPY server-conf/uwsgi.ini /etc/uwsgi/
COPY server-conf/supervisord.conf /etc/supervisor/
COPY src /project/src
WORKDIR /project
ENV PYTHONPATH "${PYTHONPATH}:/project/src"
CMD ["/usr/bin/supervisord"]
docker-compose.yml
version: '3'
services:
app:
build: .
ports:
- "5000:80"
volumes:
- .:/project
这些是我的文件,应该在 HTTPS 连接上运行我的应用程序。我有一个手动添加的 index.html 文件和我手动添加的规则,它们确实有效。但是当我尝试在这些设置上运行我的 webapp 时,它不起作用。当我使用端口转到我的 url 时,它显示 SSL 协议错误。我错过了什么吗?
过去 2-3 天我一直在尝试让它工作。HTTP 以前确实可以工作,但我更改了 nginx.conf 以尝试使其与 HTTPS 一起工作,但到目前为止没有成功。我将不胜感激任何帮助!
答案1
您的 Docker compose 指向您的应用程序将流量路由到端口 80,而在您的 nginx 配置中,您的 TLS 配置适用于端口 443
app:
build: .
ports:
- "5000:80"
listen 443 ssl http2;
listen [::]:443 ssl http2;
将容器端口从 80 更改为 443,以将其路由到 TLS 侦听器