运行 和 docker-compose 时如何在 nginx 配置中引用 web?
How to reference web in nginx config when run with docker-compose?
我尝试使用 Nginx、Certbot 和我的应用程序配置服务:
docker-compose.yml:
version: '3'
services:
nginx:
image: nginx:1.15-alpine
restart: unless-stopped
volumes:
- ./data/nginx:/etc/nginx/conf.d
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
ports:
- "80:80"
- "443:443"
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot:
image: certbot/certbot
restart: unless-stopped
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
web:
image: example_app:latest
restart: unless-stopped
ports:
- "5005:5005"
nginx/app.conf:
server {
listen 80;
server_name my.app;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name my.app;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/my.app/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/my.app/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://web;
}
}
每当我通过 https://my.app 请求服务时,我总是 502 网关。
我翻了很多资料,都搞不清楚我做错了什么?
问题出在 upstream 服务上,对于 docker-compose.yml 中的 web,我将 restart: unless-stopped 更改为 restart:always。
nginx/app.conf:
upstream flask {
server web:5005;
}
server {
listen 80;
server_name my.app;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name my.app;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/patricia.app/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/patricia.app/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://flask;
}
}
我尝试使用 Nginx、Certbot 和我的应用程序配置服务:
docker-compose.yml:
version: '3'
services:
nginx:
image: nginx:1.15-alpine
restart: unless-stopped
volumes:
- ./data/nginx:/etc/nginx/conf.d
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
ports:
- "80:80"
- "443:443"
command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
certbot:
image: certbot/certbot
restart: unless-stopped
volumes:
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
web:
image: example_app:latest
restart: unless-stopped
ports:
- "5005:5005"
nginx/app.conf:
server {
listen 80;
server_name my.app;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name my.app;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/my.app/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/my.app/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://web;
}
}
每当我通过 https://my.app 请求服务时,我总是 502 网关。
我翻了很多资料,都搞不清楚我做错了什么?
问题出在 upstream 服务上,对于 docker-compose.yml 中的 web,我将 restart: unless-stopped 更改为 restart:always。
nginx/app.conf:
upstream flask {
server web:5005;
}
server {
listen 80;
server_name my.app;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
server_name my.app;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/patricia.app/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/patricia.app/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://flask;
}
}