我正在尝试在 docker 环境中运行两个服务。一个是 Angular 应用程序,另一个是我的小型 python 服务器。我已经使用我的自签名证书添加了 jwilder nginx 反向代理以进行身份验证和 ssl 配置。所有容器都在同一个虚拟主机上运行,我可以从另一台主机访问它们。我已经在 jwilder 的文档中添加了证书,并且写到这会发生(可能带有警告)并随后收到 500(https://hub.docker.com/r/jwilder/nginx-proxy ) 我需要找到一个解决方案来访问我的服务,使用 SSL 抛出 nginx 代理有人知道如何更好地做到这一点吗?
version: "3"
services:
controller:
build: ./controller
expose:
- "5080" #This port should be accessible from the frontend but as they are running on the same host I am not able to distinguish the services
restart: always
frontend:
build: ./frontend
expose:
- "4200"
environment:
- DEFAULT_HOST=my-ip-address #to make it accessible from outside
- VIRTUAL_HOST=my-ip-address
# - VIRTUAL_PORT 4200
# - VIRTUAL_PROTO=https
- PROXY_ADDRESS_FORWARDING=true
- NODE_END = production
depends_on:
- controller
restart: always
nginx-reverse-proxy:
image: jwilder/nginx-proxy #budry/jwilder-nginx-proxy-arm # This will run later on the raspberryPi
ports:
- "80:80"
- "443:443"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
- ./nginx.htpasswd:/etc/nginx/htpasswd/my-ip-address
# My self signed certificates
- ./ssl/server.crt:/etc/nginx/certs/default.crt
- ./ssl/server.key:/etc/nginx/certs/default.key
restart: always
所以我在 jwilder 的 nginx 配置文件中以某种方式发现他在这种情况下运行
{{ if (and (not $is_https) (exists "/etc/nginx/certs/default.crt") (exists "/etc/nginx/certs/default.key")) }}
server {
server_name {{ $host }};
listen 443 ssl http2 {{ $default_server }};
{{ if $enable_ipv6 }}
listen [::]:443 ssl http2 {{ $default_server }};
{{ end }}
access_log /var/log/nginx/access.log vhost;
return 500;
ssl_certificate /etc/nginx/certs/default.crt;
ssl_certificate_key /etc/nginx/certs/default.key;
}
他为什么要这样做,我该如何解决?
我可以使用http://my-ip-address访问我的前端(应该转发到 https),但是在https://my-ip-address上我收到“500 内部服务器错误”