[英]Nginx 502 Bad Gateway while trying to access Gitlab through Nginx
我試圖通過docker-compose文件設置Gitlab。 但我無法訪問。 我在這里看到過類似的問題,但沒有一個適合我。這是我的docker-compose文件
version: '2'
services:
nginx:
container_name: nginx_loadbalance
restart: always
image: nginx
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "10"
ports:
- 443:443
- 80:80
volumes:
- ./nginx:/etc/nginx/conf.d:ro
- ./nginx/ssl:/etc/nginx/ssl:ro
- ./pass:/etc/nginx/pass:ro
links:
- gitlab
redis:
image: sameersbn/redis:latest
container_name: redis
volumes:
- /mnt/mgdata/volumes/redis:/var/lib/redis:Z
postgresql:
image: sameersbn/postgresql:latest
container_name: postgresql
volumes:
- /mnt/mgdata/volumes/postgresql:/var/lib/postgresql:Z
environment:
- DB_USER=gitlab
- DB_PASS=password
- DB_NAME=gitlabhq_production
- DB_EXTENSION=pg_trgm
gitlab:
image: sameersbn/gitlab:latest
container_name: gitlab
links:
- redis
- postgresql
volumes:
- /mnt/mgdata/volumes/gitlab:/home/git/data:Z
environment:
- DEBUG=true
- DB_ADAPTER=postgresql
- DB_HOST=postgresql
- DB_PORT=5432
- DB_USER=gitlab
- DB_PASS=password
- DB_NAME=gitlabhq_production
- REDIS_HOST=redis
- REDIS_PORT=6379
- TZ=Asia/Kolkata
- GITLAB_TIMEZONE=Kolkata
- GITLAB_HTTPS=true
- SSL_SELF_SIGNED=true
- GITLAB_HOST=www.mydomain.com
- GITLAB_PORT=5001
- GITLAB_SSH_PORT=10022
- GITLAB_RELATIVE_URL_ROOT=/gitlab
- GITLAB_SECRETS_DB_KEY_BASE=dc0nqwd6m7mnEmRf51VJ
- GITLAB_SECRETS_SECRET_KEY_BASE=ARSoM4HfImdTV1OTRfLC
- GITLAB_SECRETS_OTP_KEY_BASE=mqQmwgmIuu2SyVv3sJXB
- GITLAB_ROOT_PASSWORD=gitlab123
- GITLAB_ROOT_EMAIL=myemail.gmail.com
- GITLAB_NOTIFY_ON_BROKEN_BUILDS=true
- GITLAB_NOTIFY_PUSHER=false
- GITLAB_EMAIL=mygmail.gmail.com
- GITLAB_EMAIL_REPLY_TO=mygmail.gmail.com
- GITLAB_INCOMING_EMAIL_ADDRESS=mygmail.com
- GITLAB_BACKUP_SCHEDULE=monthly
- GITLAB_BACKUP_TIME=04:00
ports:
- "10080:80"
- "10022:22"
- "5001:443"
expose:
- "5001"
這是我的Nginx配置文件:
upstream gitlab{
server gitlab:5001;
}
server {
server_name myIpAddress mydomain.com;
listen 80;
server_name _;
return 301 https://$host$request_uri;
}
server {
server_name myIpAddress mydomain.com;
listen 443 ssl http2;
listen [::]:443 ssl http2;
# add Strict-Transport-Security to prevent man in the middle attacks
add_header Strict-Transport-Security "max-age=31536000";
error_log /var/log/nginx/error.log warn;
proxy_set_header Host $http_host; # required for Docker client sake
proxy_set_header X-Real-IP $remote_addr; #pass on real client IP
client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
# required to avoid HTTP 411: see issue #1486 (https://github.com/dotcloud/docker/issues/1486)
chunked_transfer_encoding on;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
ssl_session_cache shared:SSL:50m;
ssl_prefer_server_ciphers on;
#ssl_prefer_server_ciphers on;
#ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
#ssl_ecdh_curve secp384r1;
#ssl_session_cache shared:SSL:10m;
#ssl_session_tickets off;
#ssl_stapling on;
# Disable preloading HSTS for now. You can use the commented out header line that includes
# the "preload" directive if you understand the implications.
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
#add_header X-Frame-Options DENY;
#add_header X-Content-Type-Options nosniff;
ssl_dhparam /etc/nginx/ssl/certs/dhparam.pem;
location / {
proxy_set_header X-Real-IP $http_referer;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header REMOTE_ADDR $remote_addr;
proxy_pass https://gitlab;
proxy_http_version 1.1;
}
}
當我運行docker ps命令時,我可以看到所有容器都已啟動並運行。 即使我檢查了日志,一切都很好。 當我試圖訪問Gitlab時,我的瀏覽器出現了502錯誤的網關錯誤。
以下是Nginx負載平衡容器日志:
connect() failed (111: Connection refused) while connecting to upstream, client: clientIp, server: serverIp, request: "GET /favicon.ico HTTP/2.0", upstream: "https://172.27.0.4:5001/favicon.ico", host: "mydomain.com"
我懷疑是否正確我不知道但是當我運行docker ps時能夠在所有容器的端口映射之前看到0.0.0.0:port但是對於nginx_loadbalance我在5001之前看不到它。我無法找到問題是什么。
這是docker ps命令的結果
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ec151703cf28 nginx "nginx -g 'daemon of…" 16 minutes ago Up 16 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp nginx_loadbalance
360f49185a16 sameersbn/gitlab:latest "/sbin/entrypoint.sh…" 16 minutes ago Up 16 minutes 5001/tcp, 0.0.0.0:10022->22/tcp, 0.0.0.0:10080->80/tcp, 0.0.0.0:5001->443/tcp gitlab
50049db6c6b4 sameersbn/postgresql:latest "/sbin/entrypoint.sh" 16 minutes ago Up 16 minutes 5432/tcp postgresql
38f3bd8eab4e sameersbn/redis:latest "/sbin/entrypoint.sh" 16 minutes ago Up 16 minutes 6379/tcp redis
嘗試刪除:
EXPOSE:您的docker-compose上的5001
並測試此命令以檢查是否有響應:
wget -O- http:// localhost:5001 /
wget -O- https:// localhost:5001 /
在你的nginx配置上,最好在上游聲明中使用不同的名稱
upstream up_gitlab{
server gitlab:5001;
}
...
proxy_set_header REMOTE_ADDR $remote_addr;
proxy_pass https://up_gitlab;
proxy_http_version 1.1;
...
希望能幫助到你
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.