我一直在嘗試在 nexus 上設定私有 docker 存盤庫,托管在數字海洋水滴上,前面有一個 nginx。似乎 nexus 和 maven 存盤庫作業得很好,但 docker 存盤庫卻不行。我能找到的最相關的答案是這個SO answer,但它讓我無處可去。
我的 docker-compose 檔案配置如下:
version: "3.5"
services:
nexus:
image: sonatype/nexus3:${NEXUS_VERSION}
restart: always
container_name: nexus
ports:
- "8081:8081"
- "8090:8090"
- "8091:8091"
volumes:
- ./nexus/data:/nexus-data
- ./nexus/logs:/opt/sonatype/sonatype-work/nexus3/log
nginx:
image: nginx:${NGINX_VERSION}
container_name: nginx
restart: always
ports:
- "80:80"
- "8092:8092"
- "8093:8093"
- "443:443"
volumes:
- ./nginx/:/etc/nginx/conf.d/:ro
- ./nginx/certs:/etc/nginx/ssl/:ro
- ./nginx/logs:/var/log/nginx/
我的 nginx.config:
proxy_send_timeout 120;
proxy_read_timeout 300;
proxy_buffering off;
tcp_nodelay on;
client_max_body_size 0;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
server {
listen 443 ssl;
location / {
proxy_pass http://nexus:8081/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 8092 ssl;
location / {
proxy_pass http://nexus:8090/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
access_log /var/log/nginx/access-docker-group.log;
}
}
server {
listen 8093 ssl;
location / {
proxy_pass http://nexus:8091/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto $scheme;
access_log /var/log/nginx/access-docker-private.log;
}
}
sudo lsof -i -P -n | grep LISTEN液滴中的輸出:
docker-pr 137657 root 4u IPv4 1088073 0t0 TCP *:8091 (LISTEN)
docker-pr 137664 root 4u IPv6 1088080 0t0 TCP *:8091 (LISTEN)
docker-pr 137679 root 4u IPv4 1088811 0t0 TCP *:8090 (LISTEN)
docker-pr 137684 root 4u IPv6 1088814 0t0 TCP *:8090 (LISTEN)
docker-pr 137698 root 4u IPv4 1088831 0t0 TCP *:8081 (LISTEN)
docker-pr 137704 root 4u IPv6 1088834 0t0 TCP *:8081 (LISTEN)
docker-pr 144216 root 4u IPv4 1108464 0t0 TCP *:8093 (LISTEN)
docker-pr 144222 root 4u IPv6 1109509 0t0 TCP *:8093 (LISTEN)
docker-pr 144237 root 4u IPv4 1108483 0t0 TCP *:8092 (LISTEN)
docker-pr 144244 root 4u IPv6 1109530 0t0 TCP *:8092 (LISTEN)
docker-pr 144257 root 4u IPv4 1109551 0t0 TCP *:443 (LISTEN)
docker-pr 144262 root 4u IPv6 1109554 0t0 TCP *:443 (LISTEN)
docker-pr 144276 root 4u IPv4 1109575 0t0 TCP *:80 (LISTEN)
docker-pr 144281 root 4u IPv6 1109578 0t0 TCP *:80 (LISTEN)
但是每當我嘗試執行 docker login 時,我都會得到以下資訊:
Error response from daemon: Get "https://<domain>:8092/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
兩個 docker 訪問日志都是空的,所以我猜我的 nginx 配置是錯誤的,但我只是沒有看到它。
uj5u.com熱心網友回復:
事實證明我的設定是正確的。當我使用 droplet 的 IP 而不是域時,docker 登錄成功。這暗示了自定義 https 埠以某種方式被阻止的事實。所以我想到 cloudflare 可能會施加埠限制。瞧,我找到了他們的網路埠參考頁面并更改了我的埠docker-compose并設法讓它們docker login與我的域一起使用。
Cloudflare 支持的 HTTPS 埠
- 443
- 2053
- 2083
- 2087
- 2096
- 8443
希望這可以幫助。
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/515788.html
上一篇:子域的Nginx重定向