我正在尝试配置一个 dockerized nginx ssl 反向代理,它将请求转发到它旁边的另一个容器,该容器正在监听端口 8443 上的 ssl 连接。我正尝试将来自端口 1111 上的互联网请求转发到内部 nginx 代理,监听 443。所以<internet requests> -> router:1111 -> nginx_container:443 -> backend_app_container:8443
。当我尝试从互联网连接到它时,我得到了不同的结果。第一个页面可以正常工作,但 POSTing 身份验证导致 302 重定向失败。我当前的配置如下:
server {
listen 80;
#server_name *.domain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
#server_name <my_site>.com;
ssl on;
location / {
return 404;
}
}
server {
listen *:443 default ssl;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://backend_app:8443/;
proxy_redirect off;
}
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
}
有时可以进入第一页,有时则不行,并出现 302 超时失败:
internet_host_1 - - [05/Jan/2018:14:30:57 +0000] "GET /backend_app/static/cozmQY8MS7QySFhOmPMMiatlibNLY61rwdkq7L64XXJ.js HTTP/1.1" 200 52923 "https://router:1111/backend_app/login/auth" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36" "-"
internet_source_3 - - [05/Jan/2018:14:31:05 +0000] "GET /backend_app HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" "-"
internet_source_3 - - [05/Jan/2018:14:31:41 +0000] "GET /backend_app/ HTTP/1.1" 302 0 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36" "-"
尝试登录也超时并出现 302 错误:
internet_host_1 - - [05/Jan/2018:14:32:02 +0000] "POST /backend_app/j_spring_security_check HTTP/1.1" 302 0 "https://router:1111/backend_app/login/auth" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36" "-"
请问我做错了什么?我很困惑。