7

我找不到与此类似的问题,还有其他人提到 https 重定向,但没有提到最小化重定向。

一直在寻找解决方案,但还无法解决。

我们将 Docker > Traefik 用于 WordPress,并将 www 作为 WordPress 的首选版本。有多个 WP 实例。域是动态添加的。

但是,使用此配置,我收到了两个重定向,从 http 到 https 到 https www

http://example.com/
https://example.com/
https://www.example.com/

有没有办法最小化重定向?

理想的 301 重定向来自

http://example.com directly to https://www.example.com

Traefik 配置文件如下

defaultEntryPoints = ["http", "https"]

[web]
address = ":8080"

[entryPoints]

[entryPoints.http]
address = ":80"
[entryPoints.http.redirect]
entryPoint = "https"

[entryPoints.https]
address = ":443"
compress = true
[entryPoints.https.tls]

[acme]
email = "email@domain.com"
storage = "acme.json"
entryPoint = "https"
onDemand = false
OnHostRule = true


[docker]
endpoint = "unix:///var/run/docker.sock"
domain = "traefik.example.com"
watch = true
exposedbydefault = false

4

3 回答 3

10

尝试用[entryPoints.http.redirect]以下内容替换您的条目:

[entryPoints.http.redirect]
#entryPoint = "https"
regex = "^http:\/\/(www\.)*(example\.com)(.*)"
replacement = "https://www.$2$3"
permanent = true

正则表达式101

它不会处理https://example.com/条目,因此您需要添加:

[entryPoints.https.redirect]
regex = "^https:\/\/(example\.com)(.*)"
replacement = "https://www.$1/$2"
permanent = true

如果您有多个frontedns,则正则表达式可能难以处理,因此您可以考虑在容器上添加标签,如下所示:

traefik.frontend.headers.SSLRedirect=true
traefik.frontend.headers.SSLHost=www.example.com

从 1.7 开始,有一个新选项SSLForceHost可以强制重定向现有的 SSL 连接。

traefik.frontend.headers.SSLForceHost=true
于 2018-07-12T08:43:19.157 回答
2

这是我必须做的。上面的答案很有帮助,但是 traefik 不会启动,因为您实际上需要双 \ 才能在 .toml 中转义。

此外,您仍然需要确保那里有正常的入口点和端口。这是我完整的 entryPoints 部分: 

[entryPoints]
  [entryPoints.http]
    address = ":80"
  [entryPoints.https]
    address = ":443"
  [entryPoints.http.redirect]
    regex = "^http:\\/\\/(www.)*(example\\.com)(.*)"
    replacement = "https://www.$2/$3"
    permanent = true
  [entryPoints.https.redirect]
    regex = "^https:\\/\\/(example.com)(.*)"
    replacement = "https://www.$1/$2"
    permanent = true
[entryPoints.https.tls]
于 2019-06-07T17:21:16.887 回答
0

这就是我让它与 AWS ELB 背后的 docker 提供商合作的方式。

traefik 容器

/usr/bin/docker run --rm \
  --name traefik \
  -p 5080:80 \
  -p 5443:443 \
  -v /etc/traefik/traefik.toml:/etc/traefik/traefik.toml \
  -v /var/run/docker.sock:/var/run/docker.sock \
  traefik

traefik.toml

defaultEntryPoints = ["http", "https"]

[entryPoints]
  [entryPoints.http]
    address = ":80"

  [entryPoints.https]
    address = ":443"

码头工人标签

  -l traefik.enable=true \
  -l traefik.http.middlewares.redirect.redirectregex.regex="^http://(.*)" \
  -l traefik.http.middlewares.redirect.redirectregex.replacement="https://\$1" \
  -l traefik.http.routers.web-redirect.rule="Host(\`domain.com\`)" \
  -l traefik.http.routers.web-redirect.entrypoints="http" \
  -l traefik.http.routers.web-redirect.middlewares="redirect" \
  -l traefik.http.routers.web-secure.rule="Host(\`domain.com\`)" \
  -l traefik.http.routers.web-secure.entrypoints="https" \

ELB 监听器

在此处输入图像描述

于 2019-05-30T23:34:27.367 回答