
Traefik and Nginx with HTTPS on Docker / 400 Bad Request


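I am trying to build a stack with Traefik and Nginx on Docker. Without HTTPS everything works fine, but as soon as I add the HTTPS configuration I get errors.

I get this error from Nginx on example.com: 400 Bad Request / The plain HTTP request was sent to HTTPS port. In the address bar I can see the green lock indicating that the connection is secure.

Certbot works fine, so I have real SSL certificates in the right folder.

When I go to traefik.example.com I can access the Traefik dashboard, but I have to accept the browser's SSL warning, and the dashboard also works without HTTPS.

docker-compose.yml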

version: '3.4'
services:
    traefik:
        image: traefik:latest
        ports:
            - "80:80"
            - "443:443"
            - "8080:8080"
        volumes:
            - /var/run/docker.sock:/var/run/docker.sock
            - ./traefik/traefik.toml:/etc/traefik/traefik.toml
            - ../letsencrypt:/etc/letsencrypt
        labels:
            - traefik.backend=traefik
            - traefik.frontend.rule=Host:traefik.example.com
            - traefik.port=8080
        networks:
           - traefik
    nginx:
        image: nginx:latest
        volumes:
            - ../www:/var/www
            - ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf
            - ../letsencrypt:/etc/letsencrypt
        labels:
            - traefik.backend=nginx
            - traefik.frontend.rule=Host:example.com
            - traefik.port=80
            - traefik.port=443
        networks:
            - traefik
networks:
    traefik:
        driver: overlay
        external: true
        attachable: true

traefik.toml

defaultEntryPoints = ["http", "https"]

[web]
    address = ":8080"

[entryPoints]
    [entryPoints.http]
        address = ":80"
        [entryPoints.http.redirect]
            entryPoint = "https"
    [entryPoints.https]
        address = ":443"
        [entryPoints.https.tls]
            [[entryPoints.https.tls.certificates]]
                certFile = "/etc/letsencrypt/live/example.com/fullchain.pem"
                keyFile = "/etc/letsencrypt/live/example.com/privkey.pem"

[docker]
    domain="example.com"
    watch = true
    exposedByDefault = true
    swarmMode = false

nginx.conf

server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://www.example.com$request_uri;
}

server {
    listen 443 ssl http2;
    server_name example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    return 301 https://www.example.com$request_uri;
}

server {
    listen 443 ssl http2;

    server_name www.example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

    root /var/www/public;
    index index.html;
}

Thanks for your help.

1 Answer

  • 0

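    First, there is no need to configure the SSL redirect in both Traefik and Nginx. Also, the Traefik frontend only matches the non-www variant, but the backend application expects www. Finally, the Traefik web provider is deprecated, so the newer api provider should be used.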
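
The points raised in the answer, together with the 400 error from the question, can be checked mechanically. The following is an added example, not code from the question or the answer: the function names and finding codes are hypothetical, the inputs are constructed copies of the question's labels and nginx.conf, and it assumes Traefik 1.x label semantics (plain HTTP to the backend unless `traefik.protocol=https` is set).

```python
import re

# Constructed inputs mirroring the question's nginx service labels and nginx.conf.
LABELS = ["traefik.backend=nginx", "traefik.frontend.rule=Host:example.com",
          "traefik.port=80", "traefik.port=443"]
NGINX_CONF = """
server { listen 80; server_name example.com www.example.com;
         return 301 https://www.example.com$request_uri; }
server { listen 443 ssl http2; server_name example.com;
         return 301 https://www.example.com$request_uri; }
server { listen 443 ssl http2; server_name www.example.com;
         root /var/www/public; index index.html; }
"""

def parse_servers(conf):
    """One dict per nginx server block (flat blocks only, no nested braces)."""
    servers = []
    for body in re.findall(r"\bserver\s*\{(.*?)\}", conf, re.S):
        listen = re.search(r"\blisten\s+(\d+)([^;]*);", body)
        names = re.search(r"\bserver_name\s+([^;]+);", body)
        servers.append({
            "port": int(listen.group(1)) if listen else 80,
            "ssl": bool(listen) and "ssl" in listen.group(2).split(),
            "names": set(names.group(1).split()) if names else set(),
            "redirect": re.search(r"\breturn\s+30[1278]\b", body) is not None,
        })
    return servers

def lint(labels, conf, traefik_redirects_to_https=True):
    """Return hypothetical finding codes for the issues discussed above."""
    pairs = [label.split("=", 1) for label in labels]
    last = dict(pairs)
    ports = [int(v) for k, v in pairs if k == "traefik.port"]
    rule = last.get("traefik.frontend.rule", "")
    hosts = set(rule[5:].split(",")) if rule.startswith("Host:") else set()
    servers = parse_servers(conf)
    findings = []
    if len(ports) > 1:
        findings.append("duplicate-port")
    # Assumption: Traefik 1.x sends plain HTTP to the backend by default, so a
    # target port with an ssl listener produces nginx's 400 response.
    tls_ports = {s["port"] for s in servers if s["ssl"]}
    if last.get("traefik.protocol", "http") == "http" and tls_ports & set(ports):
        findings.append("plain-http-to-tls-port")
    # Names that serve content but are missing from the frontend Host rule.
    served = set().union(*[s["names"] for s in servers if not s["redirect"]])
    findings += ["unrouted-host:" + h for h in sorted(served - hosts)]
    if traefik_redirects_to_https and any(s["redirect"] and not s["ssl"] for s in servers):
        findings.append("double-redirect")
    return findings
```

Running `lint(LABELS, NGINX_CONF)` on the question's setup reports all four findings; a setup where Traefik terminates TLS, routes both host names and forwards to a single plain-HTTP nginx listener reports none.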
