Ich versuche, MultiWebsite Docker Server zu bauen.Docker Nginx Reverse Proxy 502 Fehler auf fastcgi
Ich möchte einen Container für Proxy und andere für Websites haben. Auch ich möchte fastcgi wegen der besseren Leistung verwenden.
Ich verwende jwilder/nginx-proxy
PROBLEM: Einstellung fastcgi (- VIRTUAL_PROTO = fastcgi) verursacht 502 Bad Gateway-Fehler:
2017/12/21 22:06:20 [error] 5#5: *24 connect() failed (111: Connection refused) while connecting to upstream,
client: 77.X3.38.17, server: domain.tdl, request: "GET/HTTP/2.0", upstream: "fastcgi://172.18.0.2:9000", host: "domain.tdl"
WEBSITE CONTAINER
version: "3"
services:
test:
image: richarvey/nginx-php-fpm:latest
volumes:
- /srv/www/domain.tdl/data:/var/www/html
expose:
- 80
- 443
restart: always
environment:
VIRTUAL_HOST: domain.tdl
VIRTUAL_PROTO: fastcgi
VIRTUAL_PORT: 9000
VIRTUAL_ROOT: /var/www/html
container_name: test
networks:
default:
external:
name: nginx-proxy
NGINX- PROXY COINTAINER
version: '3'
services:
nginx:
image: nginx
labels:
com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy: "true"
container_name: nginx
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- /srv/www/nginx-proxy/conf.d:/etc/nginx/conf.d
- /srv/www/nginx-proxy/vhost.d:/etc/nginx/vhost.d
- /srv/www/nginx-proxy/html:/usr/share/nginx/html
- /srv/www/nginx-proxy/certs:/etc/nginx/certs:ro
nginx-gen:
image: jwilder/docker-gen
command: -notify-sighup nginx -watch -wait 5s:30s /etc/docker-gen/templates/nginx.tmpl /etc/nginx/conf.d/default.conf
container_name: nginx-gen
restart: unless-stopped
volumes:
- /srv/www/nginx-proxy/conf.d:/etc/nginx/conf.d
- /srv/www/nginx-proxy/vhost.d:/etc/nginx/vhost.d
- /srv/www/nginx-proxy/html:/usr/share/nginx/html
- /srv/www/nginx-proxy/certs:/etc/nginx/certs:ro
- /var/run/docker.sock:/tmp/docker.sock:ro
- /srv/www/nginx-proxy/nginx.tmpl:/etc/docker-gen/templates/nginx.tmpl:ro
nginx-letsencrypt:
image: jrcs/letsencrypt-nginx-proxy-companion
container_name: nginx-letsencrypt
restart: unless-stopped
volumes:
- /srv/www/nginx-proxy/conf.d:/etc/nginx/conf.d
- /srv/www/nginx-proxy/vhost.d:/etc/nginx/vhost.d
- /srv/www/nginx-proxy/html:/usr/share/nginx/html
- /srv/www/nginx-proxy/certs:/etc/nginx/certs:rw
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
NGINX_DOCKER_GEN_CONTAINER: "nginx-gen"
NGINX_PROXY_CONTAINER: "nginx"
networks:
default:
external:
name: nginx-proxy
NGINX config- Datei von NGINX-PROXY CONTAINER
# domain.tdl
upstream domain.tdl {
## Can be connect with "nginx-proxy" network
# test
server 172.18.0.2:9000;
}
server {
server_name domain.tdl;
listen 80 ;
access_log /var/log/nginx/access.log vhost;
return 301 https://$host$request_uri;
}
server {
server_name domain.tdl;
listen 443 ssl http2 ;
access_log /var/log/nginx/access.log vhost;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS';
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_certificate /etc/nginx/certs/domain.tdl.crt;
ssl_certificate_key /etc/nginx/certs/domain.tdl.key;
ssl_dhparam /etc/nginx/certs/domain.tdl.dhparam.pem;
add_header Strict-Transport-Security "max-age=31536000";
include /etc/nginx/vhost.d/default;
location/{
root /var/www/html;
include conf.d/fastcgi.conf;
fastcgi_pass domain.tdl;
}
}
Warum mein nginx-Proxy-Container nicht meine Website sehen kann? Habe ich etwas mit Häfen vermasselt?
remove 'upstream domain.tdl { ## Kann mit" nginx-proxy "-Netzwerk verbunden sein # test Server 172.18.0.2:9000; } 'Es gibt keine Garantie, dass der nginx-php-fpm Container diese Adresse erhält. jwilder/nginx-proxy findet den passenden Container nach Domain (domain.tld in Ihrem Fall). –