ruby-on-rails - 如何在应用程序之间使用 Rails 和 SSL 配置 nginx？

问题描述

我有两台服务器，主服务器使用这个 Nginx 配置（SSL 配置正确）：

server {
  listen 80;
  listen [::]:80;
  server_name bbb.domain.com;

  listen 443 ssl;
  listen [::]:443 ssl;

 #....ssl stuff

  location / {
    proxy_pass          http://rails_public_server_ip:80;
    proxy_set_header    Host              $host;
    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto $scheme;
    proxy_http_version  1.1;
  }

Rails 服务器 Nginx ( /etc/nginx/sites-available/default):

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        location / {
        proxy_pass http://127.0.0.1:5000;
        proxy_set_header    Host              $host;
        proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header    X-Forwarded-Proto $scheme;
        proxy_http_version  1.1;
        }
}

Rails 服务器使用 docker compose 与此：

version: '3'

services:
  app:
    entrypoint: [bin/start]
    image: bigbluebutton/greenlight:v2
    container_name: greenlight-v2
    env_file: .env
    restart: unless-stopped
    ports:
      - 127.0.0.1:5000:80

我可以bbb.domain.com使用 HTTP 和 HTTPS 浏览应用程序。使用 HTTPS 并尝试登录时，My Rails 应用程序 ( 5.2.3) 通过：

WARN: [a57e6c92-8d04-428b-89cc-bd16c87e263b] HTTP Origin header (https://bbb.domain.com) didn't match request.base_url (http://bbb.domain.com) 
INFO: [a57e6c92-8d04-428b-89cc-bd16c87e263b] method=POST path=/u/login format=html controller=SessionsController action=create status=422 error='ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken' duration=8.47 view=0.00 db=0.63 host=greenlight 
FATAL: [a57e6c92-8d04-428b-89cc-bd16c87e263b]    
FATAL: [a57e6c92-8d04-428b-89cc-bd16c87e263b] ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken): 
FATAL: [a57e6c92-8d04-428b-89cc-bd16c87e263b]    
FATAL: [a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal/request_forgery_protection.rb:211:in `handle_unverified_request'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal/request_forgery_protection.rb:243:in `handle_unverified_request'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal/request_forgery_protection.rb:238:in `verify_authenticity_token'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/callbacks.rb:426:in `block in make_lambda'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/callbacks.rb:179:in `block (2 levels) in halting_and_conditional'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/abstract_controller/callbacks.rb:34:in `block (2 levels) in <module:Callbacks>'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/callbacks.rb:180:in `block in halting_and_conditional'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/callbacks.rb:513:in `block in invoke_before'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/callbacks.rb:513:in `each'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/callbacks.rb:513:in `invoke_before'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/callbacks.rb:131:in `run_callbacks'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/abstract_controller/callbacks.rb:41:in `process_action'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal/rescue.rb:22:in `process_action'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal/instrumentation.rb:34:in `block in process_action'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/notifications.rb:168:in `block in instrument'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/notifications/instrumenter.rb:23:in `instrument'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/notifications.rb:168:in `instrument'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal/instrumentation.rb:32:in `process_action'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal/params_wrapper.rb:256:in `process_action'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activerecord-5.2.3/lib/active_record/railties/controller_runtime.rb:24:in `process_action'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/abstract_controller/base.rb:134:in `process'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionview-5.2.3/lib/action_view/rendering.rb:32:in `process'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal.rb:191:in `dispatch'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_controller/metal.rb:252:in `dispatch'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/routing/route_set.rb:52:in `dispatch'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/routing/route_set.rb:34:in `serve'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/journey/router.rb:52:in `block in serve'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/journey/router.rb:35:in `each'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/journey/router.rb:35:in `serve'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/routing/route_set.rb:840:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/omniauth-1.9.0/lib/omniauth/builder.rb:64:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/http_accept_language-2.1.1/lib/http_accept_language/middleware.rb:14:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/tempfile_reaper.rb:15:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/etag.rb:27:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/conditional_get.rb:40:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/head.rb:12:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/http/content_security_policy.rb:18:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/session/abstract/id.rb:266:in `context'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/session/abstract/id.rb:260:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/cookies.rb:670:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/callbacks.rb:98:in `run_callbacks'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/callbacks.rb:26:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/debug_exceptions.rb:61:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/lograge-0.11.2/lib/lograge/rails_ext/rack/logger.rb:15:in `call_app'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/railties-5.2.3/lib/rails/rack/logger.rb:26:in `block in call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/tagged_logging.rb:71:in `block in tagged'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/tagged_logging.rb:28:in `tagged'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/activesupport-5.2.3/lib/active_support/tagged_logging.rb:71:in `tagged'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/railties-5.2.3/lib/rails/rack/logger.rb:26:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/request_store-1.4.1/lib/request_store/middleware.rb:19:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/request_id.rb:27:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/method_override.rb:24:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/runtime.rb:22:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/executor.rb:14:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/actionpack-5.2.3/lib/action_dispatch/middleware/static.rb:127:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/sendfile.rb:110:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/railties-5.2.3/lib/rails/engine.rb:524:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/urlmap.rb:74:in `block in call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/urlmap.rb:58:in `each'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/rack-2.2.2/lib/rack/urlmap.rb:58:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/puma-3.12.4/lib/puma/configuration.rb:227:in `call'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/puma-3.12.4/lib/puma/server.rb:675:in `handle_request'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/puma-3.12.4/lib/puma/server.rb:476:in `process_client'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/puma-3.12.4/lib/puma/server.rb:334:in `block in run'
[a57e6c92-8d04-428b-89cc-bd16c87e263b] vendor/bundle/ruby/2.5.0/gems/puma-3.12.4/lib/puma/thread_pool.rb:135:in `block in spawn_thread' 
WARN: [a57e6c92-8d04-428b-89cc-bd16c87e263b] HTTP Origin header (https://bbb.domain.com) didn't match request.base_url (http://bbb.domain.com)) 
INFO: [a57e6c92-8d04-428b-89cc-bd16c87e263b] method=POST path=/422 format=html controller=RoomsController action=join status=422 error='ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken' duration=4.41 view=0.00 db=0.07 host=greenlight 

应该如何解决这个问题？

标签： ruby-on-railsnginx