nginx proxy_pass 仅适用于完整的文件名

nginx proxy_pass 仅适用于完整的文件名

我有一个 nginx,它应该将路径 domain.de/pihole/* 代理到运行 pihole 的 docker 容器。如果我使用 docker 容器的 IP(172.20.0.2),则会加载 index.php,172.20.0.2/admin 和 172.20.0.2/admin/index.php 也可以正常工作。如果我使用 domain.de/pihole 或 domain.de/pihole/admin,我会得到 404。如果我使用 domain.de/pihole/admin/index.php,则一切正常。这是我的 /etc/nginx/sites-available/default:

server {
        listen 80 default_server;
        listen [::]:80 default_server;
 root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
                #proxy_pass http://172.20.0.2:25565;
        }
        location /pihole/ {
                proxy_pass http://172.20.0.2:80/;
                proxy_http_version 1.1;
                proxy_set_header Host $host:$server_port;
                proxy_set_header Referer $http_referer;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header X-Forwarded-Ssl on;
                proxy_set_header X-Nginx-Proxy true;
                proxy_set_header X-Client-Verify $ssl_client_verify;
                proxy_set_header X-Client-DN $ssl_client_s_dn;
                proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_redirect off;

        }
}

有什么想法我需要改变什么吗(我从 serverfault 复制了大部分“proxy_set_header”内容)?

答案1

请删除行尾/proxy_pass原因在文档中描述 代理密码

引用:

如果指定了 proxy_pass 但没有指定 URI,则在处理原始请求时,请求 URI 将以客户端发送的相同形式传递给服务器,或者在处理更改的 URI 时传递完整的规范化请求 URI:

location /some/path/ {
    proxy_pass http://127.0.0.1;
}

答案2

用这个位置块解决了

location /pihole/ {
    proxy_http_version 1.1;
    proxy_set_header Referer $http_referer;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-Ssl on;
    proxy_set_header X-Nginx-Proxy true;
    proxy_set_header X-Client-Verify $ssl_client_verify;
    proxy_set_header X-Client-DN $ssl_client_s_dn;
    proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://172.20.0.2/admin/;
}

我尝试了一下斜线,并发现 pihole 需要/admin在 URL 中(我之前并不知道)

相关内容