我有一個我不知道為什么的問題?我繼續從url解釋了如何“如何使用 Nginx、Let's Encrypt 和 Docker Compose 保護容器化 Node.js 應用程式” 。所有步驟都為我運行,但是當我打開站點時,似乎存在 ssl 問題。 https://bgcar-egy.com/
我的代碼 nginx.conf
upstream loadbalancer {
server app1:6901;
}
server {
listen 80;
listen [::]:80;
server_name bgcar-egy.com;
root /var/www/html;
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|txt|html)$ {
expires max;
log_not_found off;
}
location / {
proxy_pass http://loadbalancer;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_read_timeout 3600;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name bgcar-egy.com;
root /var/www/html;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/bgcar-egy.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bgcar-egy.com/privkey.pem;
# ssl_dhparam /etc/ssl/certs/dhparam.pem;
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|txt|html)$ {
expires max;
log_not_found off;
}
location / {
proxy_pass https://loadbalancer;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# enable strict transport security only if you understand the implications
}
}
碼頭工人-compose.yml
services:
app1:
depends_on:
- database
- redis
build: ./node
restart: always
env_file: ./.env
ports:
- $NODE_DOCKER_PORT:$NODE_LOCAL_PORT
stdin_open: true
tty: true
volumes:
- ./node:/src/app
- ./html:/public
nginx2:
build: ./nginx
ports:
- '80:80'
- '443:443'
volumes:
- ./html:/var/www/html
- ./nginx/default.conf:/etc/nginx/conf.d/default.conf
- ./certbot/etc:/etc/letsencrypt
- ./certbot/lib:/var/lib/letsencrypt
- ./certbot/dhparam:/etc/ssl/certs
depends_on:
- app1
stdin_open: true
tty: true
certbot:
image: certbot/certbot
container_name: certbot
volumes:
- ./certbot/etc:/etc/letsencrypt
- ./certbot/lib:/var/lib/letsencrypt
- ./html:/var/www/html
depends_on:
- nginx2
command: certonly --webroot --webroot-path=/var/www/html --email [email protected] --agree-tos --no-eff-email --staging -d bgcar-egy.com -d www.bgcar-egy.com
volumes:
web-root:
driver: local
driver_opts:
type: none
device: /home/website/node/views/
o: bind
uj5u.com熱心網友回復:
您運行 certbot--staging生成不受任何瀏覽器信任的測驗證書,洗掉該選項,清理檔案并重試。
轉載請註明出處,本文鏈接:https://www.uj5u.com/qukuanlian/511175.html