在nginx docker容器上强制https
我build立了一个使用三个Docker容器(mysql,nginx和php7.0-fpm)的网站。 我已经通过SSL设置了一切,所以直接连接到https://domain.dev的工作,因为他们应该。 问题是,连接到http://domain.dev导致“拒绝连接”错误。
这是我的(相关)设置:
泊坞窗,compose.yml
services: nginx: build: ./nginx/ ports: - 443:443 volumes: - ${APPLICATION_ROOT}:/${WEBROOT} - ./ssl:/etc/nginx/ssl - ./nginx/config/default.conf:/etc/nginx/conf.d/default.conf restart: always depends_on: - php environment: ENVIRONMENT: "${APPLICATION_ENV}" URL: "${APPLICATION_URL}" container_name: nginx php: build: ./php/ ports: - 8080:80 volumes: - ${APPLICATION_ROOT}:/${WEBROOT} restart: always depends_on: - mysql environment: ENVIRONMENT: "${APPLICATION_ENV}" URL: "${APPLICATION_URL}" MYSQL_HOST: "${DB_HOST}" MYSQL_DATABASE: "${DB_NAME}" MYSQL_USER: "${DB_USERNAME}" MYSQL_PASSWORD: "${DB_PASSWORD}" container_name: php 环境variables存储在一个.env文件btw
Dockerfile
FROM nginx:latest # Update package libraries RUN apt-get update -y && \ apt-get install -y \ nano \ curl \ wget \ unzip \ libmcrypt-dev \
default.conf
server { listen 80; index index.php index.html; server_name $URL_from_env; return 301 https://$host$request_uri; } server{ listen 443 ssl http2; index index.php index.html; server_name $URL_from_env; error_log /var/log/nginx/error.log; access_log /var/log/nginx/access.log; root /var/www/html/public; # set max upload client_max_body_size 500M; ssl on; ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/cert.key; # use fastcgi for all php files location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass php:9000; fastcgi_index index.php; # include fastcgi parameters include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; } # rewrite url's & parse through index location / { try_files $uri $uri/ /hub/index.php?$args; # set max upload client_max_body_size 500M; } }
我期望nginxconfiguration的第一部分应该通过https强制stream量,但显然它不。 我错过了什么?
在你的撰写文件中,你仍然需要让nginx访问端口80,所以它可以在内部重新连接连接。 否则,您正试图连接到一个封闭的端口,这会导致“连接被拒绝”。
services: nginx: build: ./nginx/ ports: - 443:443 - 80:80 volumes: - ${APPLICATION_ROOT}:/${WEBROOT} - ./ssl:/etc/nginx/ssl - ./nginx/config/default.conf:/etc/nginx/conf.d/default.conf restart: always depends_on: - php environment: ENVIRONMENT: "${APPLICATION_ENV}" URL: "${APPLICATION_URL}" container_name: nginx