我创建了一个包含 nginx 服务器的 Docker 映像(手动安装,不使用 nginx docker 映像)。无论我从哪里访问 Web 服务器,我总是看到127.0.0.1
客户端 IP 地址。我在容器前面使用系统的 nginx 作为反向代理,同样。我总是从公共 IP 访问 nginx 容器127.0.0.1
。
version: "3.6"
networks:
docker-network:
driver: bridge
ipam:
driver: default
config:
- subnet: "172.30.253.0/24"
gateway: "172.30.253.1"
services:
##
## WEBAPP container
##
app-web:
container_name: ${APP_NAME}_webapp
image: "my/app:${APP_VERSION}"
restart: unless-stopped
expose:
- "8000"
ports:
- 3380:8000
networks:
docker-network:
depends_on:
- docker-mysql
environment:
- DB_HOST=${APP_NAME}_db
- DB_PORT=${MYSQL_PORT}
- DB_USER=${MYSQL_USER}
- DB_PASSWORD=${MYSQL_PASSWORD}
- DB_NAME=${MYSQL_DATABASE}
##
## DATABASE CONFIG
##
docker-mysql:
container_name: ${APP_NAME}_db
image: "mariadb:10.6"
restart: unless-stopped
expose:
- "3306"
ports:
- 3316:3306
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_PORT=${MYSQL_PORT}
- MYSQL_USER=${MYSQL_USER}
- MYSQL_PASSWORD=${MYSQL_PASSWORD}
- MYSQL_DATABASE=${MYSQL_DATABASE}
volumes:
- ./mysql/data:/var/lib/mysql:cached
- ./mysql/conf/yetopen.cnf:/etc/mysql/conf.d/yetopen.cnf:ro,delegated
- ./mysql-files:/var/lib/mysql-files
networks:
docker-network:
##
## ADMINER
##
adminer:
container_name: ${APP_NAME}_adminer
# Non official adminer with dblib included
image: dehy/adminer:4.8.1
restart: "no"
environment:
- ADMINER_DEFAULT_SERVER=${APP_NAME}_db
ports:
- 3382:8080
networks:
docker-network:
容器的 nginx 配置:
server {
listen 8000;
root /var/www/web;
index index.php;
server_name _;
# Set real IP address in the Docker network defined in docker-compose.yml
set_real_ip_from 172.30.253.0/24;
real_ip_header X-Real-IP;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /robots.txt {
access_log off;
log_not_found off;
}
error_page 404 /index.php;
location ~ \.php$ {
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
location ~ /\.ht {
deny all;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
在 PHP 中,我正确地看到了REMOTE_ADDR
客户端的 IP,对于相同的请求,在 nginx 日志中我看到了 127.0.0.1!
答案1
这是 nginx 的错误配置。我没有说该镜像是基于 Debian 的镜像,通过apt
.我正在查看图像日志,只看到来自 127.0.0.1 的访问:
mis_webapp | 127.0.0.1 - 11/Nov/2022:20:33:24 +0000 "GET /index.php" 302
mis_webapp | 127.0.0.1 - 11/Nov/2022:20:33:25 +0000 "GET /index.php" 200
mis_webapp | 127.0.0.1 - 11/Nov/2022:20:33:28 +0000 "GET /index.php" 200
mis_webapp | 127.0.0.1 - 11/Nov/2022:22:18:28 +0000 "GET /index.php" 302
mis_webapp | 127.0.0.1 - 11/Nov/2022:22:18:29 +0000 "GET /index.php" 302
相反,完整日志通常位于/var/log/nginx/access.log
. :/