1回答

慕的地6264312

NGinx 在路径上应用优先级，意味着如果从顶部开始的路径匹配，则不会检查后续路径。location /应该一直在最后。容器应该共享一个网络以便能够互相看到，而不必暴露或与主机共享端口。NGinx 配置：server {&nbsp; &nbsp; listen&nbsp; &nbsp; &nbsp; 80;&nbsp; &nbsp; listen [::]:80;&nbsp; &nbsp; server_name braurl.se www.braurl.se;&nbsp; &nbsp; #for certbot challenges (renewal process)&nbsp; &nbsp; location ~ /.well-known/acme-challenge {&nbsp; &nbsp; &nbsp; &nbsp; allow all;&nbsp; &nbsp; &nbsp; &nbsp; root /data/letsencrypt;&nbsp; &nbsp; }&nbsp; &nbsp; location / {&nbsp; &nbsp; &nbsp; # Always at this end (everything else)&nbsp; &nbsp; &nbsp; &nbsp; # This redirs to either www.braurl.se or braurl.se but with https.&nbsp; &nbsp; &nbsp; &nbsp; rewrite ^ https://$host$request_uri? permanent;&nbsp; &nbsp; }}-----------------------#https://braurl.seserver {&nbsp; &nbsp; listen 443 ssl http2;&nbsp; &nbsp; listen [::]:443 ssl http2;&nbsp; &nbsp; server_name braurl.se www.braurl.se;&nbsp; &nbsp; server_tokens off;&nbsp; &nbsp; ssl_certificate /etc/letsencrypt/live/braurl.se/fullchain.pem;&nbsp; &nbsp; ssl_certificate_key /etc/letsencrypt/live/braurl.se/privkey.pem;&nbsp; &nbsp; ssl_buffer_size 8k;&nbsp; &nbsp; ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;&nbsp; &nbsp; ssl_protocols TLSv1.2 TLSv1.1 TLSv1;&nbsp; &nbsp; ssl_prefer_server_ciphers on;&nbsp; &nbsp; ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;&nbsp; &nbsp; ssl_ecdh_curve secp384r1;&nbsp; &nbsp; ssl_session_tickets off;&nbsp; &nbsp; # OCSP stapling&nbsp; &nbsp; ssl_stapling on;&nbsp; &nbsp; ssl_stapling_verify on;&nbsp; &nbsp; resolver 8.8.8.8;&nbsp; &nbsp; root /usr/share/nginx/html;&nbsp; &nbsp; index index.html;&nbsp; &nbsp; location /api/ {&nbsp; &nbsp; # this First, NGinx use priority, if path match, it won't check the next path&nbsp; &nbsp; &nbsp; &nbsp; proxy_set_header X-Forwarded-For $remote_addr;&nbsp; &nbsp; &nbsp; &nbsp; proxy_http_version 1.1;&nbsp; &nbsp; &nbsp; &nbsp; proxy_set_header Upgrade $http_upgrade;&nbsp; &nbsp; &nbsp; &nbsp; proxy_set_header Connection 'upgrade';&nbsp; &nbsp; &nbsp; &nbsp; proxy_set_header Host $host;&nbsp; &nbsp; &nbsp; &nbsp; proxy_cache_bypass $http_upgrade;&nbsp; &nbsp; &nbsp; &nbsp; proxy_pass http://goservice:8080;&nbsp; &nbsp; &nbsp; &nbsp; fastcgi_buffers 16 16k;&nbsp; &nbsp; &nbsp; &nbsp; fastcgi_buffer_size 32k;&nbsp; &nbsp; }&nbsp; &nbsp; # Always try index files, this is for React.&nbsp; &nbsp; location / {&nbsp; &nbsp; &nbsp; # Always at this end (everything else)&nbsp; &nbsp; &nbsp; &nbsp; try_files $uri /index.html;&nbsp; &nbsp; }}码头工人-compose.ymlversion: '3.1'services:&nbsp; goservice:&nbsp; &nbsp; build: "."&nbsp; &nbsp; image: golang&nbsp; &nbsp; container_name: goservice&nbsp; &nbsp; expose:&nbsp; &nbsp; &nbsp; - "8080" # <-- change port number, Dockerfile EXPOSE 8080&nbsp; &nbsp; networks:&nbsp; &nbsp; &nbsp; &nbsp;# <-- Add this&nbsp; &nbsp; &nbsp; - random_name # <-- Add this&nbsp; &nbsp; # ports:&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; # <-- To Remove&nbsp; &nbsp; #&nbsp; &nbsp;- "8080:8080" # <-- To Remove&nbsp; production-nginx-container:&nbsp; &nbsp; container_name: 'production-nginx-container'&nbsp; &nbsp; image: nginx:latest&nbsp; &nbsp; ports:&nbsp; &nbsp; &nbsp; - "80:80"&nbsp; &nbsp; &nbsp; - "443:443"&nbsp; &nbsp; volumes:&nbsp; &nbsp; &nbsp; - ./production.conf:/etc/nginx/conf.d/default.conf&nbsp; &nbsp; &nbsp; - ./production-site:/usr/share/nginx/html&nbsp; &nbsp; &nbsp; - ./dh-param/dhparam-2048.pem:/etc/ssl/certs/dhparam-2048.pem&nbsp; &nbsp; &nbsp; - /docker-volumes/etc/letsencrypt/live/braurl.se/fullchain.pem:/etc/letsencrypt/live/braurl.se/fullchain.pem&nbsp; &nbsp; &nbsp; - /docker-volumes/etc/letsencrypt/live/braurl.se/privkey.pem:/etc/letsencrypt/live/braurl.se/privkey.pem&nbsp; &nbsp; depends_on:&nbsp; &nbsp; &nbsp; - "goservice"&nbsp; &nbsp; networks:&nbsp; &nbsp; &nbsp; &nbsp;# <-- Add this&nbsp; &nbsp; &nbsp; - random_name # <-- Add thisnetworks:&nbsp; - random_name:现在您可以使用访问前端https://braurl.se和使用 APIhttps://braurl.se/api/

0 0

0