Apache Guacamole + Portainer + Nginx 代理管理器 + Cloudflare

也许有人可以帮忙……

我的设置：

Qnap TS-664

Docker 容器（Portainer 管理）

porkbun 的域名（我们称之为 example.com）

Cloudflare DNS：

名称：example.com

C 名称：名称：nginx，内容：example.com，代理

C 名称：名称：g，内容：example.com，代理

C 名称：名称：portainer，内容：example.com，代理

nginx配置：

来源：nginx.example.com 目的地：http://192.168.1.210:9081仅 HTTP

来源：g.example.com 目的地：http://192.168.1.210:32768仅 HTTP

来源：portainer.example.com 目的地：http://192.168.1.210:9000仅 HTTP

nginx 的 Docker 配置：

services:
mariadb:
image: jc21/mariadb-aria:latest
container_name: npm_db
environment:
MYSQL_ROOT_PASSWORD: 'npm'
MYSQL_DATABASE: 'npm'
MYSQL_USER: 'npm'
MYSQL_PASSWORD: 'insecure'
volumes:
- /etc/localtime:/etc/localtime:ro
- ./npm_db:/var/lib/mysql
restart: unless-stopped

nginx-proxy-manager:
image: jc21/nginx-proxy-manager:latest
container_name: npm
depends_on:
- mariadb
ports:
- '9080:80'
- '9081:81'
- '9443:443'
environment:
DB_MYSQL_HOST: 'mariadb'
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: 'npm'
DB_MYSQL_PASSWORD: 'insecure'
DB_MYSQL_NAME: 'npm'
volumes:
- /etc/localtime:/etc/localtime:ro
- ./npm_data:/data
- ./npm_letsencrypt:/etc/letsencrypt
restart: unless-stopped

鳄梨酱的Docker配置：

version: '2.0'
networks:
guacnetwork_compose:
driver: bridge

services:
guacd:
container_name: guacd_compose
image: guacamole/guacd
networks:
guacnetwork_compose:
restart: always
volumes:
- ./drive:/drive:rw
- ./record:/record:rw

postgres:
container_name: postgres_guacamole_compose
environment:
PGDATA: /var/lib/postgresql/data/guacamole
POSTGRES_DB: guacamole_db
POSTGRES_PASSWORD: insecure
POSTGRES_USER: guacamole_user
image: postgres:15.2-alpine
networks:
guacnetwork_compose:
restart: always
volumes:
- ./init:/docker-entrypoint-initdb.d:z
- ./data:/var/lib/postgresql/data:Z

guacamole:
container_name: guacamole_compose
depends_on:
- guacd
- postgres
environment:
GUACD_HOSTNAME: guacd
POSTGRESQL_DATABASE: guacamole_db
POSTGRESQL_HOSTNAME: postgres
POSTGRESQL_PASSWORD: insecure
POSTGRESQL_USER: guacamole_user
image: guacamole/guacamole
links:
- guacd
networks:
guacnetwork_compose:
ports:
- 32768:8080/tcp
restart: always

portainer 的 docker 配置

version: '3'
services:
portainer:
image: portainer/portainer-ee:latest
container_name: portainer
restart: always
security_opt:
- no-new-privileges:true
ports:
- 9001:8000
- 9000:9000
- 9043:9443
volumes:
- /etc/localtime:/etc/localtime:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./portainer-ee/data:/data:rw
environment:
TZ: Europe/Vienna

我还在运行一些其他容器（sonarr、radarr 等），我可以通过 C 名称（如 https://example.com/nginx）访问它们，它们都在运行。

我目前只在鳄梨酱和 portainer 方面遇到问题（现在在光棱镜方面也遇到了问题）。

我在使用 Heimdall 时也遇到了问题，但我发现它需要 nginx 中的一些特殊设置。--> 添加到自定义 Nginx 配置：

location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass $forward_scheme://$server:$port$request_uri;
}

https://g.example.com和https://portainer.example.com无法访问。但我的所有其他应用（例如https://nginx.example.com） 在工作中。

我已经尝试过例如：https://www.reddit.com/r/selfhosted/comments/tvml0j/guacamole_behind_cloudflared_public_hostname/

因此，我确信我缺少一些自定义 nginx 配置。我已经尝试了很多次，但还是无法解决。

任何帮助，将不胜感激...

谢谢

---

还没有成功。现在我把所有东西都放到一个docker-compose.yml中，除了gucamole，其他都正常。它可以在本地访问http://192.168.1.210:32768/guacamole 但不是通过 nginx :-(

这里是docker文件：

##############NETWORKS##############
networks:
  default:
    name: media
    external: true
##############NETWORKS##############

services:
     
  readarr:
    image: lscr.io/linuxserver/readarr:develop
    container_name: readarr
    environment:
      - PUID=$PUID
      - PGID=$PGID      
      - TZ=$TZ
    volumes:
      - ./readarr:/config
      - $MEDIADIR/books:/books #optional
      - $MEDIADIR/usenet/completed:/usenet/completed
    ports:
      - 8787:8787
    restart: unless-stopped
      
  nzbget: #usenet download agent
    image: ghcr.io/linuxserver/nzbget
    container_name: nzbget
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./nzbget:/config
      - $MEDIADIR/usenet/nzb:/usenet/nzb
      - $MEDIADIR/usenet/queue:/usenet/queue
      - $MEDIADIR/usenet/tmp:/usenet/tmp
      - $MEDIADIR/usenet/intermediate:/usenet/intermediate
      - $MEDIADIR/usenet/completed:/usenet/completed
    ports:
      - 6789:6789
    restart: unless-stopped

  radarr: #movie search agent
    image: ghcr.io/linuxserver/radarr
    container_name: radarr
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - UMASK=022
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./radarr:/config
      - /share/2watch/movies:/movies
      - $MEDIADIR/usenet/completed:/usenet/completed
    ports:
      - 7878:7878
    restart: unless-stopped

  sonarr: #TV show search agent
    image: ghcr.io/linuxserver/sonarr:latest
    container_name: sonarr
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - UMASK=022
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./sonarr:/config
      - /share/2watch/tv:/tv
      - $MEDIADIR/usenet/completed:/usenet/completed
    ports:
      - 8989:8989
    restart: unless-stopped

  tautulli: #plex monitoring
    image: ghcr.io/linuxserver/tautulli:latest
    container_name: tautulli
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
      - UMASK=002
      - DEBUG=no
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./tautulli:/config
    ports:
      - 8181:8181
    restart: unless-stopped

  heimdall:
    image: lscr.io/linuxserver/heimdall:latest
    container_name: heimdall
    environment:
      - PUID=$PUID
      - PGID=$PGID
      - TZ=$TZ
    volumes:
      - ./heimdall:/config
    ports:
      - 32771:80
      - 32772:443
    restart: unless-stopped

# Nginx Proxy Manager DB
  mariadb:
    image: jc21/mariadb-aria:latest
    container_name: npm_db
    environment:
      TZ: $TZ
      MYSQL_ROOT_PASSWORD: 'npm'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'npm'
      MYSQL_PASSWORD: 'insecure'
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./npm_db:/var/lib/mysql
    restart: unless-stopped
    ports:
     - 3306:3306
    expose:
     - 3306
  
  # Nginx Proxy Manager
  nginx-proxy-manager:
    image: jc21/nginx-proxy-manager:latest
    container_name: npm
    depends_on:
      - mariadb
    ports:
      - '9080:80'
      - '9081:81'
      - '9443:443'
    environment:
      TZ: $TZ
      DB_MYSQL_HOST: 'mariadb'
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: 'npm'
      DB_MYSQL_PASSWORD: 'insecure'
      DB_MYSQL_NAME: 'npm'
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - ./npm_data:/data
      - ./npm_letsencrypt:/etc/letsencrypt
    restart: unless-stopped
    
# Guacamole
  guacd:
    container_name: guacd_compose
    image: guacamole/guacd
    restart: always
    volumes:
      - ./guacamole/drive:/drive:rw
      - ./guacamole/record:/record:rw

  postgres:
    container_name: postgres_guacamole_compose
    environment:
      PGDATA: /var/lib/postgresql/data/guacamole
      POSTGRES_DB: guacamole_db
      POSTGRES_PASSWORD: insecure
      POSTGRES_USER: guacamole_user
    image: postgres:15.2-alpine
    restart: always
    volumes:
      - ./guacamole/init:/docker-entrypoint-initdb.d:z
      - ./guacamole/data:/var/lib/postgresql/data:Z

  guacamole:
    container_name: guacamole_compose
    depends_on:
      - guacd
      - postgres
    environment:
      GUACD_HOSTNAME: guacd
      POSTGRESQL_DATABASE: guacamole_db
      POSTGRESQL_HOSTNAME: postgres
      POSTGRESQL_PASSWORD: insecure
      POSTGRESQL_USER: guacamole_user
    image: guacamole/guacamole
    links:
      - guacd
    ports:
      - "32768:8080/tcp"
    restart: always