[英]nginx timeout after https proxy to localhost
I want to run one docker-compose with Nginx which will be only a proxy to other docker-compose services. 我想用Nginx运行一个docker-compose,它只是其他docker-compose服务的代理。
Here is my docker-compose.yml with proxy: 这是我的docker-compose.yml与代理:
version: '2'
services:
storage:
image: nginx:1.11.13
entrypoint: /bin/true
volumes:
- ./config/nginx/conf.d:/etc/nginx/conf.d
- /path_to_ssl_cert:/path_to_ssl_cert
proxy:
image: nginx:1.11.13
ports:
- "80:80"
- "443:443"
volumes_from:
- storage
network_mode: "host"
So it will grap all connections to port 80 or 443 and proxy them to services specified in ./config/nginx/conf.d
directory. 因此,它将抓取到端口80或443的所有连接,并将它们代理到./config/nginx/conf.d
目录中指定的服务。
Here is example service ./config/nginx/conf.d/domain_name.conf
: 这是示例服务./config/nginx/conf.d/domain_name.conf
:
server {
listen 80;
listen 443 ssl;
server_name domain_name.com;
ssl_certificate /path_to_ssl_cert/cert;
ssl_certificate_key /path_to_ssl_cert/privkey;
return 301 https://www.domain_name.com$request_uri;
}
server {
listen 80;
server_name www.domain_name.com;
return 301 https://www.domain_name.com$request_uri;
# If you uncomment this section and comment return line it's works
# location ~ {
# proxy_pass http://localhost:8888;
# # or proxy to https, doesn't matter
# #proxy_pass https://localhost:4433;
# }
}
server {
listen 443 ssl;
server_name www.domain_name.com;
ssl on;
ssl_certificate /path_to_ssl_cert/cert;
ssl_certificate_key /path_to_ssl_cert/privkey;
location ~ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Client-Verify SUCCESS;
proxy_set_header X-Client-DN $ssl_client_s_dn;
proxy_set_header X-SSL-Subject $ssl_client_s_dn;
proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
proxy_pass https://localhost:4433;
# like before
# proxy_pass http://localhost:8888;
}
}
It's redirect all request http://domain_name.com
, https://domain_name.com
and http://www.domain_name.com
to https://www.domain_name.com
and proxy it to specific localhost service. 它将所有请求http://domain_name.com
: https://domain_name.com
和http://www.domain_name.com
重定向到https://www.domain_name.com
并将其代理到特定的localhost服务。
Here is my specific service docker-compose.yml 这是我的特定服务docker-compose.yml
version: '2'
services:
storage:
image: nginx:1.11.13
entrypoint: /bin/true
volumes:
- /path_to_ssl_cert:/path_to_ssl_cert
- ./config/nginx/conf.d:/etc/nginx/conf.d
- ./config/php:/usr/local/etc/php
- ./config/php-fpm.d:/usr/local/etc/php-fpm.d
- php-socket:/var/share/php-socket
www:
build:
context: .
dockerfile: ./Dockerfile_www
image: domain_name_www
ports:
- "8888:80"
- "4433:443"
volumes_from:
- storage
links:
- php
php:
build:
context: .
dockerfile: ./Dockerfile_php
image: domain_name_php
volumes_from:
- storage
volumes:
php-socket:
So when you go to http://www.domain_name.com:8888
or https://www.domain_name.com:4433
you will get content. 因此,当您访问http://www.domain_name.com:8888
或https://www.domain_name.com:4433
您将获得内容。 When you curl to localhost:8888
or https://localhost:4433
from server where docker is running you will get content too. 当您从运行https://localhost:4433
的服务器卷曲到localhost:8888
或https://localhost:4433
,您也将获得内容。
And now my issue. 现在我的问题。
When I go to browser and type domain_name.com
, www.domain_name.com
or https://www.domain_name.com
nothing happen. 当我进入浏览器并输入domain_name.com
, www.domain_name.com
或https://www.domain_name.com
没有任何反应。 Even when I curl to this domain from my local machine I got timeout. 即使我从本地机器卷曲到这个域,我也会超时。
I have search some info "nginx proxy https to localhost" but noting works for me. 我搜索了一些信息“nginx代理https到localhost”,但注意到我的工作。
I have solution! 我有解决方案!
When I setup network_mode: "host"
in docker-compose.yml
for my proxy I thought that ports:
entries still are working but not. 当我在docker-compose.yml
为我的代理设置network_mode: "host"
,我认为ports:
条目仍在工作,但没有。
Now proxy works in my host network so it use local ports and omit ports:
entries from docker-compose.yml
. 现在代理在我的主机网络中工作,因此它使用本地端口并省略ports:
来自docker-compose.yml
条目。 That's mean I have manually open ports 80 and 443 on my server. 这意味着我已经在我的服务器上手动打开端口80和443。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.