Nginx docker HTTPS 连接

tag-icon tag-icon linux ubuntu docker https
Nginx docker HTTPS 连接

nginx.conf:

user nginx;
worker_processes auto;

pid /tmp/nginx.pid;

# turn off daemon mode to be watched by supervisord
daemon off;

pcre_jit on;

error_log /var/log/nginx/error.log warn;

# events block defines the parameters that affect connection processing.
events {
    # Define the maximum number of simultaneous connections that can be opened by a worker process
    worker_connections  1024;
}

# SSL configuration
server {
   listen 443 ssl http2;
   listen [::]:443 ssl http2;   
   server_name www.example.nl example.nl;
        ssl_certificate      /etc/letsencrypt/live/example.nl/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/example.nl/privkey.pem;
  
    # Improve HTTPS performance with session resumption
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;

    location / {
    try_files $uri @yourapplication;
    }
    
    location @yourapplication {
        include uwsgi_params;
        uwsgi_pass unix:///tmp/uwsgi.sock;
    }
}

uwsgi.ini

[uwsgi]
module = src.main
callable = app

uid = nginx
gid = nginx

socket = /tmp/uwsgi.sock
chown-socket = nginx:nginx
chmod-socket = 664

cheaper = 1
processes = %(%k + 1)

Dockerfile:

FROM python:3.9

RUN apt-get update
RUN apt-get install -y --no-install-recommends \
        libatlas-base-dev gfortran nginx supervisor

RUN pip3 install uwsgi

COPY ./requirements.txt /project/requirements.txt

RUN pip3 install -r /project/requirements.txt

RUN useradd --no-create-home nginx

RUN rm /etc/nginx/sites-enabled/default
RUN rm -r /root/.cache

COPY server-conf/nginx.conf /etc/nginx/
# COPY server-conf/flask-site-nginx.conf /etc/nginx/conf.d/
COPY server-conf/uwsgi.ini /etc/uwsgi/
COPY server-conf/supervisord.conf /etc/supervisor/

COPY src /project/src

WORKDIR /project

ENV PYTHONPATH "${PYTHONPATH}:/project/src"

CMD ["/usr/bin/supervisord"]

docker-compose.yml

version: '3'
services:
  app:
    build: .
    ports:
     - "5000:80"
    volumes:
     - .:/project

这些是我的文件,应该在 HTTPS 连接上运行我的应用程序。我有一个手动添加的 index.html 文件和我手动添加的规则,它们确实有效。但是当我尝试在这些设置上运行我的 webapp 时,它不起作用。当我使用端口转到我的 url 时,它显示 SSL 协议错误。我错过了什么吗?

过去 2-3 天我一直在尝试让它工作。HTTP 以前确实可以工作,但我更改了 nginx.conf 以尝试使其与 HTTPS 一起工作,但到目前为止没有成功。我将不胜感激任何帮助!

答案1

您的 Docker compose 指向您的应用程序将流量路由到端口 80,而在您的 nginx 配置中,您的 TLS 配置适用于端口 443

  app:
    build: .
    ports:
     - "5000:80"

   listen 443 ssl http2;
   listen [::]:443 ssl http2;

将容器端口从 80 更改为 443,以将其路由到 TLS 侦听器

相关内容