堆栈内存溢出
  简体   繁体   English

Dokku-获取容器内Nginx反向代理的IP地址?

[英]Dokku - get ip address of nginx reverse proxy inside container?

 原文  2019-08-13 01:30:48       nginx/ asp.net-core/ reverse-proxy/ dokku

问题描述

In my ASP.NET Core server, I've have forwarding to support my OpenId Connect authentication workflow: 在我的ASP.NET Core服务器中,我已经进行转发以支持我的OpenId Connect身份验证工作流: 

public void ConfigureServices(IServiceCollection services)
{
  services.Configure<ForwardedHeadersOptions>(options =>
  {
      options.ForwardedHeaders = ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedFor;

      // Only loopback proxies are allowed by default.
      // Clear that restriction because forwarders are enabled by explicit
      // configuration.
      options.KnownNetworks.Clear();
      options.KnownProxies.Clear();
  }
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
  app.UseForwardedHeaders();
}

However, I'd like to configure KnownProxies (and KnownNetworks ). 但是,我想配置KnownProxies (和KnownNetworks )。 Is there a way to find out the ip address of the proxy server (within the context of a container)? 有没有办法找出代理服务器的IP地址(在容器的上下文中)? Is the configuration static? 配置是静态的吗? If not, can it be automated? 如果没有,可以自动化吗?

Also, is this address going to be the same thing as the Host address. 另外,该地址是否与主机地址相同。 Ie would resolving the ip address to host.docker.internal help? 即将解析IP地址到host.docker.internal帮助? Which doesn't seem to be an easy thing to do within a Linux environment anyway... 无论如何,在Linux环境中这似乎并不容易...

Also, the above code comes from this documentation . 另外,以上代码来自此文档 Re-reading that section, is it okay to leave the above code alone? 重新阅读该部分,可以保留上面的代码吗? I'm assuming that locking down to a particular proxy server would be better? 我假设锁定到特定的代理服务器会更好?

1 个解决方案

解决方案1
 1 已采纳  2019-08-13 22:36:40

The container IP is ephemeral, and may change across app rebuilds or redeploys. 容器IP是临时的,在整个应用程序重建或重新部署中可能会更改。 By default, Dokku will run your app on the internal docker0 network, and the only things that can access the container are services running on the server itself, so allowing access from all network interfaces is safe. 默认情况下,Dokku将在内部docker0网络上运行您的应用程序,并且唯一可以访问容器的是在服务器本身上运行的服务,因此允许从所有网络接口进行访问都是安全的。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 nginx反向代理“显示IP地址” - nginx reverse proxy “ip address shows” nginx 反向代理重定向到内部 ip 地址 - nginx reverse proxy redirects to internal ip address Nginx 通过IP地址过滤反向代理 - Nginx filtering by IP address for reverse proxy Nginx 作为 docker 容器内的反向代理 - Nginx as a reverse proxy inside docker container 有什么办法可以在Nginx反向代理上获取真实的客户端IP地址,而无需在服务器端进行任何更改 - Is There Any Ways to Get the Real Client IP Address on Nginx Reverse proxy Without Changing any things on server side Nginx 反向代理到 Yesod 转发 ip 地址不起作用 - Nginx reverse proxy to Yesod forwarded ip address does not work 在反向代理下仅允许 Nginx 上的单个特定 IP 地址 - Allow only a single specific IP address on Nginx under reverse proxy IP和Nginx作为反向代理时出错 - Error with IP and Nginx as reverse proxy Nginx 反向代理与请求中的 IP - Nginx reverse proxy with IP in the request phpMyAdmin 在 docker 容器内,通过 nginx 反向代理 - phpMyAdmin inside docker container via nginx reverse proxy
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM