![](/img/trans.png)
[英]ASP.Net Core docker environment variable to deactivate SSL redirect
[英]Docker + Asp.net core api + Apache : infinite redirect loop
我正在嘗試使用 Docker Compose 將與我的 web 應用程序(Asp.net Core API)相關的所有內容容器化,包括 AVPSOVHH 上的 SSL 證書(CertApache.bot) 我有一個無限重定向循環。
如果有人能發現我哪里出錯了,我將非常感激!
Docker-compose.yml:
my_app_prod:
image: "myapp/my-app_prod:latest"
restart: always
ports:
- "83:80"
- "85:443"
network_mode: bridge
<VirtualHost *:*>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
</VirtualHost>
<VirtualHost *:80>
ServerName www.my-domain.com
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:83/
ProxyPassReverse / http://127.0.0.1:83/
ProxyPassReverseCookieDomain 127.0.0.1 www.my-domain.com
RewriteEngine on
RewriteCond %{SERVER_NAME} =www.my-domain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
ErrorLog ${APACHE_LOG_DIR}helloapp-error.log
CustomLog ${APACHE_LOG_DIR}helloapp-access.log common
</VirtualHost>
www.my-domain.com-le-ssl.conf :
<VirtualHost *:*>
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
RequestHeader set "X-Forwarded-For" expr=%{REMOTE_ADDR}e
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName api.nicepet.fr
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:83/
ProxyPassReverse / http://127.0.0.1:83/
ProxyPassReverseCookieDomain 127.0.0.1 api.nicepet.fr
SSLCertificateFile /etc/letsencrypt/live/api.nicepet.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/api.nicepet.fr/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
啟動.cs:
public void ConfigureServices(IServiceCollection services)
{
services.AddScoped<PathFilter>();
services.AddDbContext<ApiNicepetContext>(item => item.UseMySql(Configuration.GetConnectionString("DefaultConnection")));
services.AddControllers(mvcOptions => mvcOptions.EnableEndpointRouting = false);
services.AddOData();
//services.AddTransient();
services.AddCors(o => o.AddPolicy("MyPolicy", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
}));
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
var forwardedHeadersOptions = new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto,
RequireHeaderSymmetry = false
};
forwardedHeadersOptions.KnownNetworks.Clear();
forwardedHeadersOptions.KnownProxies.Clear();
app.UseForwardedHeaders(forwardedHeadersOptions);
app.UseAuthentication();
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
//app.UseHttpsRedirection();
app.UseCors("MyPolicy");
app.UseMvc(routeBuilder =>
{
routeBuilder.EnableDependencyInjection();
routeBuilder.Select().Filter().Expand();
routeBuilder.MapODataServiceRoute("OData", "odata", GetEdmModel());
});
}
Appsettings.json:
{
"https_port": 443,
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft": "Warning",
"Microsoft.Hosting.Lifetime": "Information"
}
},
"AllowedHosts": "*"
//…
}
程序.cs:
//...
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseStartup<Startup>().UseUrls("http://*:80");
});
我相信您的應用程序沒有看到該請求已經通過 SSL 因為您配置的反向代理負責 SSL 終止。 它嘗試使用app.UseHttpsRedirection();
它進入無限循環。
嘗試設置ForwardedHeaders
中間件,就像在這個問題的答案中描述的那樣。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.