我如何让wordpress容器在NGINX反向代理后面工作

Question

想知道是否有人对Docker wordpress容器有类似的问题。 我对我的apache / wordpress能力不自信。 也许有人可以帮忙。

尝试使用ssl在nginx反向代理后面设置标准的wordpress docker容器。

我所有其他应用程序都可以正常运行，这只是问题所在。

我的NGINX default.conf：

server {
        listen 80;
        server_name example.com;
        return 301 https://example.com$request_uri;
}
########## ADDED
upstream app-a {
    server example.com:2368;
}

upstream app-b {
    server example.com:8080;
}

##########
server {
        listen 443 ssl;
        server_name example.com;
        root /usr/share/nginx/html;
        index index.html index.htm;
        client_max_body_size 10G;
        location / {
                 proxy_pass         http://app-a;
            proxy_redirect     off;
            proxy_set_header   Host $host;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Host $server_name;
        }

location = /press {
                return 301 https://example.com:8443;
        }


        ssl on;
        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
        ssl_prefer_server_ciphers On;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
}


server {
        listen 8443 ssl;

        server_name example.com;

        #root /usr/share/nginx/html;
        root /var/www/html/press;
        index index.php index.html index.htm;
        client_max_body_size 10G;

        location / {
                proxy_pass         http://app-b;
            proxy_redirect     off;
            proxy_set_header   Host $host;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Host $server_name;
        }


        ssl on;
        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

        ssl_prefer_server_ciphers On;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

}

我如何启动我的wordpress容器：

docker run -d --name mywordpress --link mytestsql:mysql -v mypressvol:/var/www/html -e WORDPRESS_DB_USER=root -e WORDPRESS_DB_PASSWORD=secret -p 8080:80 wordpress

当我运行WP安装程序时，我得到语言选择，但没有图形，并且在地址栏中显示不安全。 但是，如果我在浏览器中转到8080，则该应用程序运行正常，但没有SSL。 就像我说的那样，我所有其他应用程序都可以正常工作。 这只是WordPress给我合适的机会。 有任何想法吗？ 谢谢。

Answer 1

此配置工作正常：

1）Nginx代理

server {
    listen                          80;
    server_name                     example.ru www.example.ru;
    return 301                      https://$server_name$request_uri;
}

 server {
    listen 443;
    server_name example.ru www.example.ru;

    ssl_certificate           /etc/nginx/certs/example.ru.crt;
    ssl_certificate_key       /etc/nginx/certs/example.ru.key;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://wp_web;
    }
}

不要忘记将它们都放在docker-compose.yml中的一个网络中，以便通过服务名称访问容器。

2）WordPress的容器。 您的房东。 Apache2的conf

<VirtualHost *:80>
    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.

    ServerName example.ru
    ServerAlias www.example.ru

    SetEnvIf X-Forwarded-Proto https HTTPS=on

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/example

    <Directory /var/www/example>
        Allowoverride All
    </Directory>

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog /var/www/example/logs/apache.error.log
    CustomLog /var/www/example/logs/apache.access.log combined_with_x_real_ip

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
</VirtualHost>