Docker部署后，非443端口域名反代图床服务配置问题 #7

lovebetterworld · 2022-04-24T01:29:30Z

麻烦问下，docker部署好lskypro后，用nginx加了https证书，只是给LskyPro加了个Https为什么？
图片上传上去后，图片的URL还是http://ip:port这种格式
麻烦问下什么问题？
还是需要改动其他地方吗？

HalcyonAzure · 2022-04-24T01:31:40Z

不是很清楚你说的只是给LskyPro加了个Https是啥意思，有具体一点的例子吗？

lovebetterworld · 2022-04-24T02:56:36Z

您好，我用docker部署好后，这是nginx配置文件，我用8443无法访问。
server {
listen 8443 ssl;
server_name www.lovebetterworld.com;

	root /var/project/lskypro/public;
	index  index.php index.html index.htm;
	charset UTF-8;
	
    ssl_certificate /usr/local/nginx/lskypro/6868995_xxxx.pem; 
    ssl_certificate_key /usr/local/nginx/lskypro/6868995_xxxxx.key; 
	
    ssl_session_timeout 5m;
	
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; 
    ssl_prefer_server_ciphers on;
	
	fastcgi_connect_timeout 300;
	fastcgi_read_timeout 300;
	fastcgi_send_timeout 300;
	fastcgi_buffer_size 64k;
	fastcgi_buffers   4 32k;
	fastcgi_busy_buffers_size 64k;
	fastcgi_temp_file_write_size 64k;
	
    location / {
		if (!-e $request_filename) {
			rewrite ^(.*)$ /index.php?s=$1 last; break;
		}
    }
	
	location ~ \.php(.*)$ {
		root /var/project/lsky/public;
		fastcgi_pass   xxxxxx:8090;
		fastcgi_index index.php;
		fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		fastcgi_param PATH_INFO $fastcgi_path_info;
		fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
		include  fastcgi_params;
	}
	
	error_page  404              /404.html;

	error_page   500 502 503 504  /50x.html;
	location = /50x.html {
	  root   html;
	}
}

麻烦问下是哪里有问题吗？

lovebetterworld · 2022-04-24T03:06:39Z

即通过域名https://www.lovebetterworld.com:8443/ 访问不到，是哪里配置有问题吗？

HalcyonAzure · 2022-04-24T09:10:53Z

即通过域名https://www.lovebetterworld.com:8443/ 访问不到，是哪里配置有问题吗？

配置文件里面的fastcgi_pas这块配置我自己没有用过，仅用proxy_pass的话是可以成功的，我贴下我自己在443端口的配置文件也许可以参考一下

lsky.halc.top.conf

server {
    listen 443; # ssl http2;
    listen [::]:443; # ssl http2;
    server_name lsky.halc.top;

    # SSL
    ssl_certificate /etc/letsencrypt/live/lsky.halc.top/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/lsky.halc.top/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/lsky.halc.top/chain.pem;

    # security
    include nginxconfig.io/security.conf;

    # reverse proxy
    location / {
        proxy_redirect off;
        proxy_pass http://127.0.0.1:6325;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_set_header Upgrade-Insecure-Requests 1;
        proxy_set_header X-Forwarded-Proto https;

        client_max_body_size 100m;
        client_body_buffer_size 128k;

        proxy_buffer_size 4k;
        proxy_buffers 4 32k;
        proxy_busy_buffers_size 64k;
        proxy_temp_file_write_size 64k;
    }

    # additional config
    include nginxconfig.io/general.conf;
}

另外根据之前别人在Lsky-Pro下面的提问来看，如果反代非443端口也许会出现掉端口的情况，可以搜索下相关解决方案。

我自己算是Nginx小白，所以也不是很清楚具体原因，希望能有所帮助:crying_cat_face:

lovebetterworld · 2022-04-25T01:46:38Z

哈哈哈哈，我找到问题所在了，已解决。
给你说下解决思路，nginx配置的问题。
非443端口的SSL配置，
server {
listen 8443 ssl;
server_name XXXXXXXXXXX.com;
ssl_certificate XXXXXXXXXXX.pem;
ssl_certificate_key XXXXXXXXXXX.key;
# 此处省略一堆SSL配置

    location / {
        proxy_pass http://127.0.0.1:8090;
        # 此处后面加了端口号，因为此处，排查了两天问题
        proxy_set_header Host $host:8443;
        # 就是上面这个玩意，后面加上端口接口，很早之前，两三年前遇到过类似的问题
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header REMOTE-HOST $remote_addr;
    }
}

HalcyonAzure · 2022-04-25T01:48:32Z

哈哈哈哈，我找到问题所在了，已解决。给你说下解决思路，nginx配置的问题。非443端口的SSL配置， server { listen 8443 ssl; server_name XXXXXXXXXXX.com; ssl_certificate XXXXXXXXXXX.pem; ssl_certificate_key XXXXXXXXXXX.key; # 此处省略一堆SSL配置
    location / {
        proxy_pass http://127.0.0.1:8090;
        # 此处后面加了端口号，因为此处，排查了两天问题
        proxy_set_header Host $host:8443;
        # 就是上面这个玩意，后面加上端口接口，很早之前，两三年前遇到过类似的问题
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header REMOTE-HOST $remote_addr;
    }
}

😉 解决就好，那我就把这个issues给close了

lovebetterworld · 2022-04-25T01:52:55Z

好的好的。多谢。

HalcyonAzure closed this as completed Apr 25, 2022

HalcyonAzure added the good first issue Good for newcomers label Apr 25, 2022

HalcyonAzure changed the title ~~Docker部署后，图片URL如何修改~~ Docker部署后，非443端口域名反代图床服务配置问题 Jan 13, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Docker部署后，非443端口域名反代图床服务配置问题 #7

Docker部署后，非443端口域名反代图床服务配置问题 #7

lovebetterworld commented Apr 24, 2022

HalcyonAzure commented Apr 24, 2022

lovebetterworld commented Apr 24, 2022

lovebetterworld commented Apr 24, 2022

HalcyonAzure commented Apr 24, 2022

lovebetterworld commented Apr 25, 2022

HalcyonAzure commented Apr 25, 2022

lovebetterworld commented Apr 25, 2022

Docker部署后，非443端口域名反代图床服务配置问题 #7

Docker部署后，非443端口域名反代图床服务配置问题 #7

Comments

lovebetterworld commented Apr 24, 2022

HalcyonAzure commented Apr 24, 2022

lovebetterworld commented Apr 24, 2022

lovebetterworld commented Apr 24, 2022

HalcyonAzure commented Apr 24, 2022

lovebetterworld commented Apr 25, 2022

HalcyonAzure commented Apr 25, 2022

lovebetterworld commented Apr 25, 2022