![](/img/trans.png)
[英]ASP.Net Core docker environment variable to deactivate SSL redirect
[英]Docker + Asp.net core api + Apache : infinite redirect loop
我正在尝试使用 Docker Compose 将与我的 web 应用程序(Asp.net Core API)相关的所有内容容器化,包括 AVPSOVHH 上的 SSL 证书(CertApache.bot) 我有一个无限重定向循环。
如果有人能发现我哪里出错了,我将非常感激!
Docker-compose.yml:
my_app_prod:
image: "myapp/my-app_prod:latest"
restart: always
ports:
- "83:80"
- "85:443"
network_mode: bridge
<VirtualHost *:*>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
</VirtualHost>
<VirtualHost *:80>
ServerName www.my-domain.com
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:83/
ProxyPassReverse / http://127.0.0.1:83/
ProxyPassReverseCookieDomain 127.0.0.1 www.my-domain.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.my-domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
ErrorLog ${APACHE_LOG_DIR}helloapp-error.log
CustomLog ${APACHE_LOG_DIR}helloapp-access.log common
</VirtualHost>
www.my-domain.com-le-ssl.conf :
<VirtualHost *:*>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
RequestHeader set "X-Forwarded-For" expr=%{REMOTE_ADDR}e
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName api.nicepet.fr
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:83/
ProxyPassReverse / http://127.0.0.1:83/
ProxyPassReverseCookieDomain 127.0.0.1 api.nicepet.fr
SSLCertificateFile /etc/letsencrypt/live/api.nicepet.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.nicepet.fr/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
启动.cs:
public void ConfigureServices(IServiceCollection services)
{
services.AddScoped<PathFilter>();
services.AddDbContext<ApiNicepetContext>(item => item.UseMySql(Configuration.GetConnectionString("DefaultConnection")));
services.AddControllers(mvcOptions => mvcOptions.EnableEndpointRouting = false);
services.AddOData();
//services.AddTransient();
services.AddCors(o => o.AddPolicy("MyPolicy", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
}));
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
var forwardedHeadersOptions = new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto,
RequireHeaderSymmetry = false
};
forwardedHeadersOptions.KnownNetworks.Clear();
forwardedHeadersOptions.KnownProxies.Clear();
app.UseForwardedHeaders(forwardedHeadersOptions);
app.UseAuthentication();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
//app.UseHttpsRedirection();
app.UseCors("MyPolicy");
app.UseMvc(routeBuilder =>
{
routeBuilder.EnableDependencyInjection();
routeBuilder.Select().Filter().Expand();
routeBuilder.MapODataServiceRoute("OData", "odata", GetEdmModel());
});
}
Appsettings.json:
{
"https_port": 443,
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*"
//…
}
程序.cs:
//...
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseStartup<Startup>().UseUrls("http://*:80");
});
我相信您的应用程序没有看到该请求已经通过 SSL 因为您配置的反向代理负责 SSL 终止。 它尝试使用app.UseHttpsRedirection();
它进入无限循环。
尝试设置ForwardedHeaders
中间件,就像在这个问题的答案中描述的那样。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.