Nginx 通过 docker compose 不再响应端口 443

tag-icon tag-icon nginx ssl reverse-proxy https docker-compose
Nginx 通过 docker compose 不再响应端口 443

我一直在尝试为另一个 docker 容器设置反向代理,但我所做的一切都无法让它工作。无论我做什么,我都无法让 https 做出任何响应。

Sabnzbd 的工作原理http://192.168.1.157:8080https://192.168.1.157:8081

这是我的所有配置

docker-compose.yml

version: '2' 
services:
  nginx:
    image: nginx:latest
    container_name: nginx
    volumes:
       - /data/config/certbot/conf:/etc/letsencrypt
       - /data/config/certbot/www:/var/www/certbot
       - /data/config/nginx:/etc/nginx
    ports:
       - 80:80
       - 443:433
    env_file: uidgid.env
    restart: always
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
  certbot:
    image: certbot/certbot
    container_name: certbot
    env_file: uidgid.env
    volumes:
       - /data/config/certbot/conf:/etc/letsencrypt
       - /data/config/certbot/www:/var/www/certbot
    restart: always
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
  sabnzbd:
    image: linuxserver/sabnzbd:latest
    container_name: sabnzbd
    volumes:
        - /data/config/certbot:/etc/letsencrypt
        - /data/config/sabnzbd:/config
        - complete:/complete
        - incomplete:/incomplete
        - Shows:/shows
        - Movies:/movies
        - 4K:/4K
    ports:
        - 8080:8080
        - 8081:8081
    env_file: uidgid.env
    environment:
        - EDGE=1
        - VIRTUAL_HOST=mydomain.com/sabnzbd
        - VIRTUAL_PORT=8081
    restart: always

Nginx 配置:

#nginx.conf
events{} 
http {
    server {
        listen 443 ssl;
        server_name mydomain.com;

        include /etc/nginx/common.conf;
        include /etc/nginx/ssl.conf;

        location /sabnzbd {
            proxy_pass https://192.168.1.157:8081;
            include /etc/nginx/common_location.conf;
        }
    }
}


#ssl.conf
ssl_dhparam                 /etc/letsencrypt/ssl-dhparams.pem;
ssl_certificate             /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key         /etc/letsencrypt/live/mydomain.com/privkey.pem;
ssl_session_timeout         10m;
ssl_session_cache           shared:SSL:10m;
ssl_session_tickets         off;

#common.conf
add_header Strict-Transport-Security    "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options              SAMEORIGIN;
add_header X-Content-Type-Options       nosniff;
add_header X-XSS-Protection             "1; mode=block";


#common_location.conf
proxy_set_header    X-Real-IP           $remote_addr;
proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;        
proxy_set_header    X-Forwarded-Proto   $scheme;
proxy_set_header    Host                $host;
proxy_set_header    X-Forwarded-Host    $host;
proxy_set_header    X-Forwarded-Port    $server_port;

Netstat 显示 443 正在监听。

netstat -lpn |grep :443
    tcp6       0      0 :::443                  :::*                    LISTEN      12129/docker-proxy

防火墙已禁用。

ufw status 
    Status: inactive

Iptables 未启用

service iptables status 
    Unit iptables.service could not be found.

Curl 显示连接被拒绝

curl https://192.168.1.157/sabnzbd/ 
    curl: (7) Failed to connect to 192.168.1.157 port 443: Connection refused

其他 Curl 命令:

curl https://127.0.0.1/sabnzbd/ 
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:443

如果您还想看其他内容,请告诉我。谢谢。

相关内容