我正在尝试为我正在构建的应用程序设置反向代理。该应用程序被拆分为两个 docker 镜像。首先是一个网络用户界面,可以通过https://example.com/访问
第二个 docker 图像具有我感兴趣的基址。第一个是https://example.com/swagger,第二个是https://example.com/api
当我导航到 example.com 时,一切都按预期工作。我得到了应用程序前端。当我导航到 swagger 链接时,再次一切正常,我得到了 swagger 页面。实际地址是https://example.com/swagger/index.html
但是,第三部分是https://example.com/api是我想要访问的 Rest API,当我尝试调用它时。或者更具体地说,对https://example.com/api/Authentication/login的 POST 请求
我从服务器收到 307 响应,将调用重定向到http://actualserver.local:7066/api/Authentication/login
我不明白为什么要这样做,因为它应该像 swagger 链接那样获取信息。
这是我用来运行反向代理的 nginx.conf 文件
worker_processes 1;
events { worker_connections 1024; }
http {
client_max_body_size 0;
sendfile on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
server {
listen 80 default_server;
server_name example.com;
# location /.well-known/acme-challenge/ {
# root /var/www/certbot;
# }
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
server_name example.com;
location /api {
proxy_pass http://actualserver.local:7066/api;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /swagger {
proxy_pass http://actualserver.local:7066/swagger;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location / {
proxy_pass http://actualserver.local:3000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
}
我正在寻找的是让反向代理调用 actualserver.local,而不是返回 307。我在这里有点力不从心,所以任何帮助将不胜感激。
更新:我尝试修改 nginx 配置以查看这是否有任何效果。这是我更新的文件。
worker_processes 1;
事件 { worker_connections 1024; }
http { client_max_body_size 0; 发送文件;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
upstream web-ui {
server actualserver.local:3000;
}
upstream web-api {
server actualserver.local:7066;
}
server {
listen 80 default_server;
server_name example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
server_name example.com;
location /api {
proxy_pass http://web-api/api;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /swagger {
proxy_pass http://web-api/swagger;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location / {
proxy_pass http://web-ui;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
}
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
}
307 中报告的位置是
https://web-api:7066/api/Authentication/login
web-api 在整个代码库中唯一存在的地方是在 nginx.conf 中,这不能来自应用程序服务器。必须是 nginx 正在执行此操作。