[英]Docker with Symfony an Nginx how to get real ip address?
我将 docker 与 nginx 和 symfony 应用程序一起使用,我的目标是获得真正的客户端 IP。 此时我得到了像172.23.*.*
这样的内部 docker ip。 看起来很标准的情况,但我遇到了这方面的麻烦。 你能帮我请如何解决吗? 在全局 _SERVER 变量中我得到
SERVER_ADDR = "172.23.0.7"
REMOTE_PORT = "40046"
REMOTE_ADDR = "172.23.0.1"
基于此,我收到了Request $request
$request->getClientIp() = 172.23.0.1
,但它不是来自用户的真实 IP(应该是212.55.92.12
)
我的 nginx.conf
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 2048;
multi_accept on;
use epoll;
}
http {
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 15;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
error_log off;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
open_file_cache max=100;
client_body_temp_path /tmp 1 2;
client_body_buffer_size 256k;
client_body_in_file_only off;
}
daemon off;
我的 host.conf:我从 ifconfig 添加了 set_real_ip_from ip,但这没有帮助,而且我没有得到标头X-Forwarded-For
,它可能在哪里?
来自请求 http 基金会的标头
connection = {array} [1]
accept-encoding = {array} [1]
host = {array} [1]
postman-token = {array} [1]
cache-control = {array} [1]
accept = {array} [1]
user-agent = {array} [1]
content-length = {array} [1]
content-type = {array} [1]
x-php-ob-level = {array} [1]
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:9c:d9:03:ca txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
server {
server_name symfony.localhost;
root /var/www/symfony/public;
# issue with ip and the nginx proxy
real_ip_header X-Forwarded-For;
set_real_ip_from 172.17.0.1/16;
location / {
try_files $uri @rewriteapp;
}
location @rewriteapp {
rewrite ^(.*)$ /index.php/$1 last;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass php-upstream;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
error_log /var/log/nginx/symfony_error.log;
access_log /var/log/nginx/symfony_access.log;
}
我的 docker-compose.yml
version: '3.7'
services:
php:
container_name: php-fpm
build: ./php-fpm
ports:
- "9000:9001"
volumes:
- ./symfony:/var/www/symfony:cached
- ./logs/symfony:/var/www/symfony/var/log:cached
depends_on:
- db
networks:
- php
nginx:
container_name: nginx
build: ./nginx
ports:
- mode: host
protocol: tcp
published: 80
target: 80
- mode: host
protocol: tcp
published: 443
target: 81
depends_on:
- php
networks:
- php
volumes:
- ./logs/nginx:/var/log/nginx:cached
- ./symfony:/var/www/symfony:cached
如果你使用反向代理,你需要告诉 Symfony。
对于 Symfony Flex,更改 .env 文件中的 TRUSTED_PROXIES 变量。 对于其他 Symfony 版本,您可以:
// public/index.php
// ...
$request = Request::createFromGlobals();
// tell Symfony about your reverse proxy
Request::setTrustedProxies(
// the IP address (or range) of your proxy
['192.0.0.1', '10.0.0.0/8'],
// trust *all* "X-Forwarded-*" headers
Request::HEADER_X_FORWARDED_ALL
// or, if your proxy instead uses the "Forwarded" header
// Request::HEADER_FORWARDED
// or, if you're using AWS ELB
// Request::HEADER_X_FORWARDED_AWS_ELB
);
有关更多详细信息,请查看: https : //symfony.com/doc/current/deployment/proxies.html 。
问候!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.