如何使用 nginx 配置 traefik 以使用 https 模式进行 cotrrect 工作？

Question

我在使用带有 traefik 的 nginx 时遇到了问题。我的项目可以独立运行，使用 nginx 映像，但是当我尝试实现 traefik 时遇到了一些麻烦，我的 SERVER 全局变量不包含 HTTPS 密钥，关于这个 laravel 没有理解它并用于资产和其他使用 @ 987654322@ - http 而不是 https。当我尝试提供强制模式解决方案时，这是已解决的问题，但我想这对于这种情况来说不是正确的方法，因为独立一切都可以完美运行。所以这是我的 Nginx 独立版本，它工作正常并且资产加载了 https 模式：

  nginx:
    build:
      context: .
      dockerfile: ./nginx/Dockerfile
    restart: on-failure
    volumes:
      - "../:/var/www"
    ports:
      - "80:80"
      - "443:443"

带配置

server {
    server_name my_project.local.com;
    listen 443 ssl;

    ssl_certificate      /etc/nginx/certificates/cert.pem;
    ssl_certificate_key  /etc/nginx/certificates/key.pem;

    root /var/www/public;
    index index.php index.html index.htm;

    location /storage/ {
        alias /var/www/storage/app/public/;
        autoindex off;
    }

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        client_max_body_size 50m;

        fastcgi_pass php-img:9000;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_read_timeout 3600;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME /var/www/public/index.php;
        fastcgi_param PHP_VALUE "error_log=/var/log/nginx/php-img_errors.log";
    }

    access_log /var/log/nginx/php-img_service.access.log;
    error_log  /var/log/nginx/php-img_service.error.log  crit;

    location ~ /\.ht {
        deny all;
    }
}

以及我添加流量图像时的另一种情况

  lu-traefik:
    image: traefik:2.4.8
    ports:
      # The HTTP port
      - "80:80"
      - "443:443"
      - "4200:4200"
      # The Web UI (enabled by --api.insecure=true)
      - "8080:8080"
    volumes:
      # So that Traefik can listen to the Docker events
      - /var/run/docker.sock:/var/run/docker.sock
      - type: bind
        source: ./docker/lu-traefik/dev/traefik.yml
        target: /etc/traefik/traefik.yml
      - type: bind
        source: ./docker/lu-traefik/dev/configuration/
        target: /traefik/configuration/
      - type: bind
        source: ./docker/lu-traefik/dev/tls
        target: /traefik/tls
    logging:
      options:
        max-size: "10m"
        max-file: "5"

  lu-backend-nginx:
    image: nginx:1.21.0-alpine
    depends_on:
      - lu-backend-php
      - lu-traefik
    restart: on-failure
    labels:
      - traefik.enable=true
      - traefik.http.routers.r-lu-backend-nginx-https.rule=Host(`lu-backend.local.com`)
      - traefik.http.routers.r-lu-backend-nginx-https.entrypoints=web-secure
      - traefik.http.routers.r-lu-backend-nginx-https.service=s-lu-backend-nginx-https
      - traefik.http.routers.r-lu-backend-nginx-https.tls=true
      - traefik.http.services.s-lu-backend-nginx-https.loadbalancer.server.port=80
    expose:
      - "80"
    volumes:
      - type: bind
        source: ./apps/lu-backend
        target: /var/www
      - type: bind
        source: ./docker/lu-backend/nginx/lumaly.conf
        target: /etc/nginx/conf.d/lumaly.conf
      - type: bind
        source: ./docker/lu-backend/nginx/lumaly.conf
        target: /etc/nginx/sites-enable/lumaly.conf

和 lumaly.conf

server {
    server_name lu-backend.local.com;
    listen 80;

    root /var/www/public;
    index index.php index.html index.htm;

    location /storage/ {
        alias /var/www/storage/app/public/;
        autoindex off;
    }

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        client_max_body_size 50m;

        fastcgi_pass lu-backend-php:9000;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_read_timeout 3600;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME /var/www/public/index.php;
        fastcgi_param PHP_VALUE "error_log=/var/log/nginx/php-lumaly_errors.log";
    }

    access_log /var/log/nginx/php-lumaly_service.access.log;
    error_log  /var/log/nginx/php-lumaly_service.error.log  crit;


    location ~ /\.ht {
        deny all;
    }
}

当我尝试打开 https://lu-backend.local.com 时，我遇到了项目页面，但资产（css 和 js 文件）没有加载，因为由于某种原因，它们尝试通过 http 模式加载，但无法加载

如果我添加到app/Providers/AppServiceProvider.php

    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        $current = \URL::current();
//        if(config('app.env') === 'local') {
//            \URL::forceScheme('https');
//        }
    }

我遇到的是 http 模式，因为 SERVER var 不包含 HTTPS 密钥。

\Symfony\Component\HttpFoundation\Request::isSecure:

$https = $this->server->get('HTTPS'); // return null
return !empty($https) && 'off' !== strtolower($https);

有什么返回 docker compose ps

lu_lu-backend-mariadb_1_807f9a7f6096   docker-entrypoint.sh --def ...   Up      0.0.0.0:8306->3306/tcp                     
lu_lu-backend-nginx_1_b2df3bd1ddc1     /docker-entrypoint.sh ngin ...   Up      80/tcp                                     
lu_lu-backend-php_1_566405992c8f       bash /usr/local/bin/docker ...   Up      9000/tcp                                   
lu_lu-redis_1_12cc7e7d897e             docker-entrypoint.sh redis ...   Up      0.0.0.0:6379->6379/tcp                     
lu_lu-traefik_1_78171c03c3d5           /entrypoint.sh traefik           Up      0.0.0.0:4200->4200/tcp,                    
                                                                                0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp,  
                                                                                0.0.0.0:8080->8080/tcp

那么，我的问题是如何使用 nginx 配置 treafic 以使用 https 架构进行 cotrrect 工作？

Answer 1

我没有阅读您的整个设置，但您不需要从您的 nginx 容器中公开端口 80。

也许只是尝试删除

expose:
      - "80"