docker - Docker nginx reverseProxy 连接被拒绝
问题描述
我有 2 个项目,一个名为 defaultWebsite,另一个名为 nginxProxy。
我正在尝试设置以下内容:
在我已经设置的 /etc/hosts 中127.0.0.1 default.local,docker 容器正在为所有人运行。我没有为 reverseProxy 添加 php-fpm 容器(我应该吗?)
nginxReverseProxy default.config
#sample setup
upstream default_local {
server host.docker.internal:31443;
}
server {
listen 0.0.0.0:80;
return 301 https://$host$request_uri;
}
server {
listen 0.0.0.0:443 ssl;
server_name default.local;
ssl_certificate /etc/ssl/private/localhost/default_dev.crt;
ssl_certificate_key /etc/ssl/private/localhost/default_dev.key;
#ssl_verify_client off;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
index index.php index.html index.htm index.nginx-debian.html;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $proxy_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass https://default_local;
}
}
默认网站配置:
server {
listen 0.0.0.0:80;
server_name default.local;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 0.0.0.0:443 ssl;
server_name default.local;
root /app/public;
#this is for local. on production this will be different.
ssl_certificate /etc/ssl/default.local/localhost.crt;
ssl_certificate_key /etc/ssl/default.local/localhost.key;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass php-fpm:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
internal;
}
# return 404 for all other php files not matching the front controller
# this prevents access to other php files you don't want to be accessible.
location ~ \.php$ {
return 404;
}
error_log /var/log/nginx/default_error.log;
access_log /var/log/nginx/default_access.log;
}
默认网站的 docker-compose.yml:
服务:
nginx:
build: DockerConfig/nginx
working_dir: /app
volumes:
- .:/app
- ./log:/log
- ./data/nginx/htpasswd:/etc/nginx/.htpasswd
- ./data/nginx/nginx_dev.conf:/etc/nginx/conf.d/default.conf
depends_on:
- php-fpm
- mysql
links:
- php-fpm
- mysql
ports:
- "31080:80"
- "31443:443"
expose:
- "31080"
- "31443"
environment:
VIRUAL_HOST: "default.local"
APP_FRONT_CONTROLLER: "public/index.php"
networks:
default:
aliases:
- default
php-fpm:
build: DockerConfig/php-fpm
working_dir: /app
volumes:
- .:/app
- ./log:/log
- ./data/php-fpm/php-ini-overrides.ini:/etc/php/7.3/fpm/conf.d/99-overrides.ini
ports:
- "30902:9000"
expose:
- "30902"
extra_hosts:
- "default.local:127.0.0.1"
networks:
- default
environment:
XDEBUG_CONFIG: "remote_host=172.29.0.1 remote_enable=1 remote_autostart=1 idekey=\"PHPSTORM\" remote_log=\"/var/log/xdebug.log\""
PHP_IDE_CONFIG: "serverName=default.local"
用于 nginxReverseProxy 的 docker-compose.yml:
services:
reverse_proxy:
build: DockerConfig/nginx
hostname: reverseProxy
ports:
- 80:80
- 443:443
extra_hosts:
- "host.docker.internal:127.0.0.1"
volumes:
- ./data/nginx/dev/default_dev.conf:/etc/nginx/conf.d/default.conf
- ./data/certs:/etc/ssl/private/
码头工人ps输出:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6e9a8479e6f8 default_nginx "nginx -g 'daemon of…" 12 hours ago Up 12 hours 31080/tcp, 31443/tcp, 0.0.0.0:31080->80/tcp, 0.0.0.0:31443->443/tcp default_nginx_1
5e1df4d6f1f5 default_php-fpm "/usr/sbin/php-fpm7.…" 12 hours ago Up 12 hours 30902/tcp, 0.0.0.0:30902->9000/tcp default_php-fpm_1
f3ec76cd7148 default_mysql "/entrypoint.sh mysq…" 12 hours ago Up 12 hours (healthy) 33060/tcp, 0.0.0.0:31336->3306/tcp default_mysql_1
d633511bc6a8 proxy_reverse_proxy "/bin/sh -c 'exec ng…" 12 hours ago Up 12 hours 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp proxy_reverse_proxy_1
如果我直接访问,default.local:31443我可以看到页面正常工作。
当我尝试访问http://default.local时,它会将我重定向到https://default.local但同时我收到此错误:
reverse_proxy_1 | 2020/04/14 15:22:43 [error] 6#6: *4 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.80.1, server: default.local, request: "GET / HTTP/1.1", upstream: "https://127.0.0.1:31443/", host: "default.local"
解决方案
不确定这是不是答案,但是写得太长了,无法发表评论。
在您的 nginx 配置文件中,您有:
upstream default_local {
server host.docker.internal:31443;
}
正如我所看到的(这里可能是错误的;),您有一个不同的容器访问它:
extra_hosts:
- "host.docker.internal:127.0.0.1"
但是您将主机名设置为127.0.0.1,不应该是docker主机ip。因为它连接到不同的容器?
一般来说,当所有容器需要连接到另一个容器/外部时,请确保在所有容器上使用 docker 主机 ip。
推荐阅读
- lua - 构建脚本未运行
- python - 在 raspbian/linux 上打印错误 Pyqt Qwebkit
- c# - 使用 C# 的 Microsoft.Office.Interop 从 Microsoft Excel 复制格式化的单元格区域并粘贴到 Microsoft Word
- python - Python os.remove(filename) 抛出错误“已被 temp 使用”
- php - 试图在laravel中获取非对象问题的属性
- perl - 如何使用任何 windows 或 unix/linux 命令行脚本按范围递增文件中的文本?
- sql - 执行滚动计算的 SQL 临时表数组
- javascript - 本地 JS 文件未在 Heroku 上加载/运行
- reactjs - React Custom Hook with Typescript Type error "Property 'x' does not exist on type 'interface | (({ target }: any) => void)'.ts(2339)"
- reactjs - 抓取多个选中的复选框值(React JS)