docker - docker 中 nginx 后面的 Keycloak 导致 404 和不定式重定向
问题描述
我是 Keycloak 的新手,也不是 nginx 的专家。我已经关注了文档和其他问题,并使用 keycloak 设置了一个docker -compose 文件,受nginx保护。
这是我的docker-compose.yml
,其中包含 和 的nginx
配置keycloak
。
radarbase-keycloak:
networks:
- api
- security
environment:
KEYCLOAK_USER : ${KEYCLOAK_USER}
KEYCLOAK_PASSWORD: ${KEYCLOAK_PASSWORD}
DB_VENDOR: postgres
DB_ADDR: radarbase-postgresql
DB_PORT: 5432
DB_DATABASE: rbkeycloak
DB_USER: ${POSTGRES_USER}
DB_PASSWORD: ${POSTGRES_PASSWORD}
PROXY_ADDRESS_FORWARDING: "true"
depends_on:
- radarbase-postgresql
restart: always
radarbase-postgresql:
image: postgres:${POSTGRES_VERSION}
networks:
- security
volumes:
- "${RB_POSTGRES_DIR}/data/:/var/lib/postgresql/data/"
environment:
POSTGRES_USER : ${POSTGRES_USER}
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: rbkeycloak
healthcheck:
test: ["CMD-SHELL", "PGPASSWORD='${POSTGRES_PASSWORD}' psql -U '${POSTGRES_USER}' rbkeycloak -l || exit 1"]
interval: 1m30s
timeout: 5s
webserver:
image: nginx:1.13.1-alpine
restart: always
networks:
- api
- default
depends_on:
- radarbase-keycloak
ports:
- "80:80"
- "443:443"
volumes:
- certs:/etc/letsencrypt
- certs-data:/data/letsencrypt
- "./etc/webserver/nginx.conf:/etc/nginx/nginx.conf:ro"
我nginx.conf
的配置如下
worker_rlimit_nofile 8192;
events {
worker_connections 4096; ## Default: 1024
}
http {
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
tcp_nodelay on;
# hide nginx version
server_tokens off;
# add nosniff header (https://www.owasp.org/index.php/List_of_useful_HTTP_headers)
add_header X-Content-Type-Options nosniff;
# For logins, make 2 requests per second at most
limit_req_zone $binary_remote_addr zone=login_limit:10m rate=2r/s;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name mydomain-dev.example.net;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location /auth/{
proxy_pass http://radarbase-keycloak:8080/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
一切都在运行,但是,如果我尝试从https://mydomain-dev.example.net/auth/
我得到的访问 keycloak 并且来自 docker**404**
的nginx 日志说
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:46 +0000] "GET /auth/ HTTP/1.1" 200 1087 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:46 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:56 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:15:57 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:57 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:15:57 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:57 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:15:58 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:58 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:15:59 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:59 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:15:59 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:59 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:15:59 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:15:59 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 2018/11/29 16:16:00 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:16:00 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:16:01 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:16:01 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:16:01 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:16:01 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:16:02 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:16:02 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
webserver_1 | 2018/11/29 16:16:02 [error] 8#8: *7 open() "/etc/nginx/html/favicon.ico" failed (2: No such file or directory), client: 143.168.122.1, server: mydomain-dev.example.net, request: "GET /favicon.ico HTTP/1.1", host: "mydomain-dev"
webserver_1 | 143.168.122.1 - - [29/Nov/2018:16:16:02 +0000] "GET /favicon.ico HTTP/1.1" 404 162 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0"
在我看来,它正在寻找 nginx 下的资源。我错过了什么?有人可以帮忙吗?
解决方案
您仅代理/auth/
,但 keycloak 页面正在尝试加载/favicon.ico
(不是/auth/favicon.ico
)。尝试/
不在/auth/
您的 nginx.conf 中代理:
location / {
...
}
更新:所以您想更新 Keycloak 的上下文路径(所有内容都将从该上下文路径提供,甚至是 favicon),恕我直言,不支持,请参阅 https://issues.jboss.org/browse/KEYCLOAK-2310
推荐阅读
- powerbi - 无法在 Databricks 中查看数据框
- python - 点积和矩阵乘法的Tensorflow慢
- javascript - tslint:使用 reduce 构建对象时无对象突变
- javascript - 如何通过单击 gridview 链接在新窗口中显示保存在文件位置中的图像?术语弹出窗口(模式)应显示在两者之间
- angular - 如何在 mat-grid 上制作弹出框
- android - 在哪里初始化 lateinit ?给出错误“kotlin.UninitializedPropertyAccessException:lateinit 属性数据库尚未初始化”
- git - Git bash 与 Visual Studio 中的 git 不同步
- c - 如何修复我的将字符串大小减小到“有效大小”的代码
- twilio - Twilio statusCallback:是否接听电话
- python - 将变量传递给 batchGet() 请求 - Google Analytics Reporting API v4 / Python / loop