我正在尝试为正在构建的应用程序设置反向代理。该应用程序分为两个 docker 镜像。第一个是 Web UI,可以通过以下方式访问https://example.com/
第二个 docker 镜像有我感兴趣的基地址。第一个是https://example.com/swagger第二个是https://example.com/api
当我导航到 example.com 时,一切都按预期运行。我得到了应用程序前端。当我导航到 swagger 链接时,一切又都运行正常,我得到了 swagger 页面。实际地址是https://example.com/swagger/index.html
然而,第三部分是https://example.com/api是我想在尝试调用此方法时访问的 Rest API。或者更具体地说,向https://example.com/api/Authentication/login
我从服务器收到 307 响应,将调用重定向到http://actualserver.local:7066/api/身份验证/登录
我不明白它为什么这样做,因为它应该像 swagger 链接一样获取信息。
这是我用来运行反向代理的 nginx.conf 文件
worker_processes 1;
events { worker_connections 1024; }
http {
client_max_body_size 0;
sendfile on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
server {
listen 80 default_server;
server_name example.com;
# location /.well-known/acme-challenge/ {
# root /var/www/certbot;
# }
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
server_name example.com;
location /api {
proxy_pass http://actualserver.local:7066/api;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /swagger {
proxy_pass http://actualserver.local:7066/swagger;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location / {
proxy_pass http://actualserver.local:3000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
}
我正在寻找的是让反向代理调用actualserver.local,而不是返回307。我有点不知所措,所以任何帮助都会很感激。
更新:我尝试修改 nginx 配置,看看是否有效果。这是我更新的文件。
工作进程 1;
事件 { worker_connections 1024; }
http { client_max_body_size 0; 发送文件开启;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
upstream web-ui {
server actualserver.local:3000;
}
upstream web-api {
server actualserver.local:7066;
}
server {
listen 80 default_server;
server_name example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
server_name example.com;
location /api {
proxy_pass http://web-api/api;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /swagger {
proxy_pass http://web-api/swagger;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location / {
proxy_pass http://web-ui;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
}
307 中报告的位置是
https:// web-api:7066 / api /身份验证/登录
整个代码库中 web-api 存在的唯一地方是 nginx.conf,这不可能来自应用服务器。这必须是 nginx 做的。
答案1
这与您的代理配置无关 - 您向我们展示的配置中没有任何内容会返回 307 / nginx 对此一无所知http://actualserver.local:7066/api/身份验证/登录
该响应来自原始服务器。
Nginx 正在执行其应做的事情并将其传回给客户端。
这也表明您没有正确配置原始服务器 - 它们需要知道正在通过哪个 URL 进行访问。