Moodle 位于 SSL 反向代理后面:“反向代理已启用,无法直接访问服务器,抱歉。”

Moodle 位于 SSL 反向代理后面:“反向代理已启用,无法直接访问服务器,抱歉。”

我尝试使用以下方法让 moode 在 SSL 反向代理后面运行解决方案但我收到以下错误:

反向代理已启用,无法直接访问服务器,抱歉。请联系服务器管理员。

在 moodle 的配置中我启用了以下设置:

$CFG->reverseproxy = true;
$CFG->sslproxy = true;

从而导致配置。

对于反向代理,我使用具有以下设置的 nginx:

events {
  worker_connections  768;
}

http {
  include  /etc/nginx/mime.types;
  default_type  application/octet-stream;

  charset  utf-8;

  gzip  on;
  gzip_disable  "msie6";
  client_max_body_size 10000M;

  # Mysql apache-based variant
  server {
    listen  6440 ssl;
    server_name  0.0.0.0;

    ssl_certificate     /etc/nginx/certs/cert.pem;
    ssl_certificate_key /etc/nginx/certs/key.pem;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;

    location / {
              proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_cache_bypass $http_upgrade;
          proxy_pass_request_headers      on;
          # In case or running another port please replace the value bellow.
            proxy_pass http://^ip^;
      }
  }
}

^ip^我反向代理请求的 IP 在哪里。此外,对于我在本例中使用的设置 URL,我运行所有的在docker容器中设置如下https://0.0.0.0:6440那是不是服务 IP。

另外,docker-compose 如下:

version: '2'
services:
  nginx_reverse:
    image: nginx:alpine
    ports:
      - "6440:6440"
    links:
      - 'moodle_mysql_reverse'
    restart: always
    volumes:
      - './conf/nginx/nginx_ssl_reverse.conf:/etc/nginx/nginx.conf:ro'
      - './conf/certs:/etc/nginx/certs:ro'

  moodle_mysql_db_reverse:
    image: mysql
    environment:
      MYSQL_RANDOM_ROOT_PASSWORD: "yes"
      MYSQL_ONETIME_PASSWORD: "yes"
      MYSQL_DATABASE: "${MOODLE_DB_NAME}"
      MYSQL_USER: '${MOODLE_MYSQL_USER}'
      MYSQL_PASSWORD: '${MOODLE_MYSQL_PASSWORD}'

  moodle_mysql_reverse:
    image: ellakcy/moodle:mysql_maria_apache
    links:
      - "moodle_mysql_db_reverse:moodle_db"
    environment:
      MOODLE_DB_HOST: "moodle_db"
      MOODLE_DB_NAME: "${MOODLE_DB_NAME}"
      MOODLE_DB_USER: '${MOODLE_MYSQL_USER}'
      MOODLE_DB_PASSWORD: "${MOODLE_MYSQL_PASSWORD}"
      MOODLE_ADMIN: "${MOODLE_ADMIN}"
      MOODLE_ADMIN_PASSWORD: "${MOODLE_ADMIN_PASSWORD}"
      MOODLE_URL: "https://0.0.0.0:6440"
      MOODLE_REVERSE_LB: "true"
      MOODLE_SSL: "true"

您知道我为什么会收到这个错误以及如何修复它吗?

答案1

无论是否是基于docker的解决方案,都建议使用代理不是提供Hosthttp 标头。因此,nginx 反向代理配置应该是这样的:

events {
  worker_connections  768;
}

http {
  include  /etc/nginx/mime.types;
  default_type  application/octet-stream;

  charset  utf-8;

  gzip  on;
  gzip_disable  "msie6";
  client_max_body_size 10000M;

  # Mysql apache-based variant
  server {
    listen  6440 ssl;
    server_name  0.0.0.0;

    ssl_certificate     /etc/nginx/certs/cert.pem;
    ssl_certificate_key /etc/nginx/certs/key.pem;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;

    location / {
              proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_cache_bypass $http_upgrade;
          proxy_pass_request_headers      on;
          # In case or running another port please replace the value bellow.
            proxy_pass http://^ip^;
      }
  }
}

正如你所见,以下一行应该失踪不是存在于你的反向代理 nginx 配置中:

        proxy_set_header Host $host;

相关内容