java - 服务器设置 Spring Boot & Docker & Traefik
问题描述
我目前正在尝试在我的服务器上为我学校的一个小组项目设置一个 dockerized spring boot 应用程序,但我似乎无法弄清楚如何设置它,以便通过 HTTPS 访问 API(Spring Boot) . 客户端是一个简单的 React Admin 页面,它可以工作。这只是我够不到的弹簧靴。浏览器不断告诉我“您已被重定向太多次”。该页面是https://stocks-tracker-api.manuele-vaccari.ch/
Spring Boot 应用程序是用./gradlew bootBuildImage --imageName=d3strukt0r/fhnw-stocks-tracker-api
version: "3.2"
services:
db:
image: mariadb
command:
- --character-set-server=utf8mb4
- --collation-server=utf8mb4_unicode_ci
healthcheck:
test: ["CMD", "mysqladmin", "ping"]
interval: 10s
timeout: 5s
retries: 3
networks:
- internal
volumes:
- ./database:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
MYSQL_USER: ${DB_USERNAME}
MYSQL_PASSWORD: ${DB_PASSWORD}
MYSQL_DATABASE: ${DB_DATABASE}
phpmyadmin:
image: phpmyadmin/phpmyadmin
depends_on:
- db
networks:
- internal
- traefik_proxy
dns:
- 1.1.1.1
- 1.0.0.1
environment:
UPLOAD_LIMIT: 100M
labels:
- traefik.enable=true
- traefik.http.routers.stocksTrackerPhpmyadmin0.entrypoints=http
- traefik.http.routers.stocksTrackerPhpmyadmin0.rule=Host(`${PHPMYADMIN_URL}`)
- traefik.http.routers.stocksTrackerPhpmyadmin0.middlewares=to_https
- traefik.http.routers.stocksTrackerPhpmyadmin.entrypoints=https
- traefik.http.routers.stocksTrackerPhpmyadmin.rule=Host(`${PHPMYADMIN_URL}`)
- traefik.http.routers.stocksTrackerPhpmyadmin.tls=true
- traefik.http.routers.stocksTrackerPhpmyadmin.tls.certresolver=le
api:
image: d3strukt0r/fhnw-stocks-tracker-api:nightly
depends_on:
- db
networks:
- internal
- traefik_proxy
dns:
- 1.1.1.1
- 1.0.0.1
# volumes:
# - ./data/:/data/
environment:
# https://stackoverflow.com/questions/46057625/externalising-spring-boot-properties-when-deploying-to-docker
# https://howtodoinjava.com/spring-boot2/datasource-configuration/
SPRING_APPLICATION_JSON: '{
"spring.datasource.url": "jdbc:mysql://db:3306/${DB_DATABASE}",
"spring.datasource.username": "${DB_USERNAME}",
"spring.datasource.password": "${DB_PASSWORD}",
"spring.datasource.driver-class-name": "com.mysql.jdbc.Driver",
"spring.jpa.database-platform": "org.hibernate.dialect.MySQL5InnoDBDialect",
"security.token.secret": "${API_TOKEN_SECRET}",
"server.port": 8081
}'
labels:
- traefik.enable=true
- traefik.http.services.stocks-tracker.loadbalancer.server.port=8081
- traefik.http.routers.stocksTrackerApi0.entrypoints=http
- traefik.http.routers.stocksTrackerApi0.rule=Host(`${API_URL}`)
- traefik.http.routers.stocksTrackerApi0.middlewares=to_https
- traefik.http.routers.stocksTrackerApi.entrypoints=https
- traefik.http.routers.stocksTrackerApi.rule=Host(`${API_URL}`)
- traefik.http.routers.stocksTrackerApi.tls=true
- traefik.http.routers.stocksTrackerApi.tls.certresolver=le
client:
image: d3strukt0r/fhnw-stocks-tracker-client:nightly
depends_on:
- api
networks:
- internal
- traefik_proxy
labels:
- traefik.enable=true
- traefik.http.routers.stocksTracker0.entrypoints=http
- traefik.http.routers.stocksTracker0.rule=Host(`${CLIENT_URL}`)
- traefik.http.routers.stocksTracker0.middlewares=to_https
- traefik.http.routers.stocksTracker.entrypoints=https
- traefik.http.routers.stocksTracker.rule=Host(`${CLIENT_URL}`)
- traefik.http.routers.stocksTracker.tls=true
- traefik.http.routers.stocksTracker.tls.certresolver=le
networks:
internal:
external: false
traefik_proxy:
external: true
还有更多信息,这里是 Traefik 配置
version: "2"
# Manage domain access to services
services:
traefik:
container_name: traefik
image: traefik
command:
- --api.dashboard=true
- --certificatesresolvers.le.acme.email=${ACME_EMAIL}
- --certificatesresolvers.le.acme.storage=acme.json
# - --certificatesresolvers.le.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory
- --certificatesresolvers.le.acme.dnschallenge=true
- --certificatesresolvers.le.acme.dnschallenge.provider=cloudflare
- --entrypoints.http.address=:80
- --entrypoints.https.address=:443
- --global.sendAnonymousUsage
- --log.level=INFO
- --providers.docker=true
- --providers.docker.exposedbydefault=false
- --providers.docker.network=traefik_proxy
- --pilot.token=${PILOT_TOKEN}
restart: always
networks:
- traefik_proxy
ports:
- "80:80"
- "443:443"
dns:
- 1.1.1.1
- 1.0.0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./acme.json:/acme.json
# - ./acme-staging.json:/acme.json
environment:
CF_API_EMAIL: ${CLOUDFLARE_EMAIL}
CF_API_KEY: ${CLOUDFLARE_API_KEY}
labels:
- traefik.enable=true
- traefik.http.routers.traefik0.entrypoints=http
- traefik.http.routers.traefik0.rule=Host(`${TRAEFIK_URL}`)
- traefik.http.routers.traefik0.middlewares=to_https
- traefik.http.routers.traefik.entrypoints=https
- traefik.http.routers.traefik.rule=Host(`${TRAEFIK_URL}`)
- traefik.http.routers.traefik.middlewares=traefik_auth
- traefik.http.routers.traefik.tls=true
- traefik.http.routers.traefik.tls.certresolver=le
- traefik.http.routers.traefik.service=api@internal
# Declaring the user list
#
# Note: all dollar signs in the hash need to be doubled for escaping.
# To create user:password pair, it's possible to use this command:
# echo $(htpasswd -nb user password) | sed -e s/\\$/\\$\\$/g
- traefik.http.middlewares.traefik_auth.basicauth.users=${TRAEFIK_USERS}
# Standard middleware for other containers to use
- traefik.http.middlewares.to_https.redirectscheme.scheme=https
- traefik.http.middlewares.to_https_perm.redirectscheme.scheme=https
- traefik.http.middlewares.to_https_perm.redirectscheme.permanent=true
networks:
traefik_proxy:
external: true
我必须更改什么才能通过 HTTPS 访问它?
解决方案
推荐阅读
- r - 如何创建按PERMNO分组并在R中按日期排列的累积变量
- python - 我正在尝试从我的用户那里获取:first_name 和 last_name,并注意到在我的 html 代码中正在改进
- android - 为什么我的位图图像出现在警报对话框后面?
- ios - 根据用户选择从数据模型中列出和过滤 - SwiftUI
- excel - 如何从 Excel 中的文本字符串中提取特定数字?
- swift - UITableViewCell 内的 UICollectionView 缓慢滚动
- .net-core - 依赖注入 - .NET Core Windows 窗体
- compilation - 用 openmpi-4.0.5 编译的 Quantum esspresso-6.7.0 问题
- react-native - 如何访问从子到父反应原生的状态变量?
- html - 为什么 CSS 变换会影响站点宽度?