我尝试设置一个 docker-compose 环境,其中 Nginx 容器接收 HTTPS 请求、处理 SSL 并将它们反向代理到仅实现 HTTP 的 dotnet-core 应用程序。
这个主题已经在这里讨论过几次了,我试图创建一个仅用于此目的的最小配置(类似于此:NGINX SSL 直通和 Docker)
问题是,尽管配置为将请求 proxy_pass 到 dotnet-core 应用程序,Nginx 仍会响应 404,而该应用程序当前仅对所有请求响应“Hello world”。
nginx_1 | 2021/06/25 04:07:54 [error] 24#24: *1 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 210.61.91.199, server: tgdev.pillepalle1.de, request: "GET / HTTP/1.1", host: "tgdev.pillepalle1.de"
我连接到容器并从那里提取设置
root@70e20feb4fae:/etc/nginx# ls -l
total 32
drwxr-xr-x 1 root root 4096 Jun 25 01:49 conf.d
-rw-r--r-- 1 root root 1007 May 25 12:28 fastcgi_params
-rw-r--r-- 1 root root 5290 May 25 12:28 mime.types
lrwxrwxrwx 1 root root 22 May 25 13:01 modules -> /usr/lib/nginx/modules
-rw-r--r-- 1 root root 648 May 25 13:01 nginx.conf
-rw-r--r-- 1 root root 636 May 25 12:28 scgi_params
-rw-r--r-- 1 root root 664 May 25 12:28 uwsgi_params
root@70e20feb4fae:/etc/nginx# cat nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
root@70e20feb4fae:/etc/nginx/conf.d# ls
certbot.conf default.conf
root@70e20feb4fae:/etc/nginx/conf.d# cat default.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
location / {
# return 301 https://$host/$request_uri;
proxy_pass http://tgwebapp:80;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name localhost;
ssl_certificate /etc/letsencrypt/live/this/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/this/privkey.pem;
location / {
proxy_pass http://tgwebapp:80;
}
}
root@70e20feb4fae:/etc/nginx/conf.d# cat certbot.conf
server {
listen 80;
listen [::]:80;
server_name localhost;
location /.well-known/ {
proxy_pass http://certbot;
}
}
没有 nginx 应提供的条目/etc/nginx/html/index.html
。我遗漏了什么?
答案1
您设置了两个重复的虚拟主机,一个在certbot.conf
,另一个在default.conf
。两个虚拟主机都在端口 80 和 上运行server_name
localhost
。因此 nginx 会忽略另一个并始终使用第一个。
要解决此问题,请删除certbot.conf
并使用以下内容default.conf
:
server {
listen 80;
listen [::]:80;
server_name localhost;
location /.well-known/ {
proxy_pass http://certbot;
}
location / {
# return 301 https://$host/$request_uri;
proxy_pass http://tgwebapp:80;
}
}