问题:
从我的 Windows 机器上的浏览器,我可以通过以下方式访问默认的 django 页面:
来自同一台 Windows 机器:
所以我知道从互联网到内部 docker 容器的路由是有效的。
注意: django 应用程序是显示 django 默认页面的最低要求
我的家庭实验室设置
注意:使用cloudflare原始证书,而不是letsencrypt
traefik docker-compose.yml 文件是:
networks:
mynet:
external: true
services:
traefik:
image: docker.io/library/traefik:2.11.2
container_name: traefik
ports:
- 80:80
- 443:443
# -- (Optional) Enable Dashboard, don't do in production
- 8080:8080
environment:
- CF_DNS_API_TOKEN=[cloudflare token]
- TZ=[local timezone]
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./config/traefik.yml:/etc/traefik/traefik.yml:ro # For the static configuration
- ./config/config.yml:/etc/traefik/config.yml:ro # For any dynamic configuration you add
- ./certs:/certs:ro # location for the certs
- ./logs:/var/log/traefik
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.traefik-auth.basicauth.users=admin:[password]"
- "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
- "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.routers.traefik.entrypoints=web"
- "traefik.http.routers.traefik.rule=Host(`monitor.example.com`)"
- "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
- "traefik.http.routers.traefik-secure.entrypoints=websecure"
- "traefik.http.routers.traefik-secure.rule=Host(`monitor.example.com`)"
- "traefik.http.routers.traefik-secure.service=api@internal"
- "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
- "traefik.http.routers.traefik-secure.tls=true"
networks:
- mynet
django 应用程序的 traefik config.yml 是:
tls:
certificates:
- certFile: /certs/[origin cert].crt
keyFile: /certs/[origin cert].key
http:
routers:
django:
rule: "Host(`example.com`) || Host(`www.example.com`)"
entryPoints:
- "web"
service: django
services:
django:
loadBalancer:
servers:
- url: "http://192.168.1.100:5000"
在 traefik.yml 文件中:
global:
checkNewVersion: false
sendAnonymousUsage: false
log:
level: INFO
api:
dashboard: true
insecure: true
entryPoints:
web:
address: :80
# http: # commenting this out to just try getting http working first
# redirections:
# entryPoint:
# to: websecure
# scheme: https
websecure:
address: :443
serversTransport:
insecureSkipVerify: true
providers:
docker:
endpoint: "unix:///var/run/docker.sock"
exposedByDefault: false
network: mynet
file:
filename: /etc/traefik/config.yml
watch: true
django docker-compose 文件是:
volumes:
production_postgres_data: {}
production_postgres_data_backups: {}
production_django_media: {}
networks:
mynet:
external: true
services:
django:
build:
context: .
dockerfile: ./compose/production/django/Dockerfile
image: project_production_django
container_name: project_production_django
volumes:
- production_django_media:/app/project/media
depends_on:
- postgres
env_file:
- ./.envs/.production/.django
- ./.envs/.production/.postgres
networks:
- mynet
ports:
- 5000:5000
command: /start
postgres:
build:
context: .
dockerfile: ./compose/production/postgres/Dockerfile
image: project_production_postgres
container_name: project_production_postgres
volumes:
- production_postgres_data:/var/lib/postgresql/data
- production_postgres_data_backups:/backups
env_file:
- ./.envs/.production/.postgres
networks:
- mynet
在 django 设置中我有
ALLOWED_HOSTS = ["localhost", "127.0.0.1", "192.168.1.100", ".example.com",]
还需要其他信息吗?
那么我错过了什么...:o(
提前干杯
我不知道如何使用 config.yml 指向我的 django 服务,即使用什么 URL。
但是,我确实通过在 docker compose 文件中向 django 服务添加标签(最初源自 django-cookiecutter)来使其工作。
提醒:我没有使用 certresolver/LetsEncrypt,而是使用来自 cloudflare 的源服务器证书。
显然将 example.com 替换为您的域名。
volumes:
production_postgres_data: {}
production_postgres_data_backups: {}
# production_traefik: {}
production_django_media: {}
networks:
mynet:
external: true
services:
django:
build:
context: .
dockerfile: ./compose/production/django/Dockerfile
image: project_production_django
volumes:
- production_django_media:/app/project/media
depends_on:
- postgres
env_file:
- ./.envs/.production/.django
- ./.envs/.production/.postgres
labels:
- "traefik.enable=true" # This option overrides the provider value of exposedByDefault.
- "traefik.http.routers.django.rule=Host(`example.com`)"
- "traefik.http.services.django.loadbalancer.server.port=5000"
- "traefik.http.routers.django.tls=true"
networks:
- mynet
ports:
- 5000:5000
command: /start
postgres:
build:
context: .
dockerfile: ./compose/production/postgres/Dockerfile
image: project_production_postgres
# container_name: project_production_postgres
volumes:
- production_postgres_data:/var/lib/postgresql/data
- production_postgres_data_backups:/backups
env_file:
- ./.envs/.production/.postgres
networks:
- mynet