我有一个 dockerized Django React Nginx Web 应用程序。这是我的 docker-compose.yml:
services:
db:
image: postgres:13.2
container_name: _database
restart: always
volumes:
- ./database:/var/lib/postgresql/data
environment:
POSTGRES_DB:
POSTGRES_USER:
POSTGRES_PASSWORD:
ports:
- 5432:5432
backend:
build:
context: ./backend
dockerfile: dockerfile
container_name: backend_jkr
volumes:
# Source code directory:
- type: bind
source: ./backend
target: /app/backend
ports:
- "8000:8000"
stdin_open: true
tty: true
# command: sh -c "cd /app/backend && python3 manage.py runserver 0.0.0.0:8000"
frontend:
build:
context: ./frontend/
dockerfile: Dockerfile
container_name: frontend_jkr
volumes:
# Source code directory:
- type: bind
source: ./frontend
target: /app/frontend
- type: bind
source: ./frontend/node_modules
target: /app/frontend/node_modules
ports:
- "3001:3000"
#3001 el primero en produccion
environment:
- WATCHPACK_POLLING=true
- NODE_ENV=development
- CHOKIDAR_USEPOLLING=true
depends_on:
- backend
stdin_open: true
# command: npm start
nginx:
image: nginx:latest
container_name: nginx_jkr
build: .
restart: always
ports:
- "80:80"
volumes:
- ./nginx.conf:/nginx.conf:ro
- ./certbot/conf:/etc/letsencrypt
- ./certbot/www:/var/www/certbot
depends_on:
- backend
- frontend
certbot:
image: certbot/certbot
volumes:
- ./certbot/conf:/etc/letsencrypt
- ./certbot/www:/var/www/certbot
还有我的 nginx.conf 文件:
# Configuración para el backend Django
server {
listen 8000; # Puerto en el que se escucharán las solicitudes al backend
server_name IP localhost example.net www.example.net ; # Dirección IP del servidor
location / {
proxy_pass http://backend:8000; # Nombre del servicio Docker del backend Django
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# Configuración para servir el frontend React y manejar los desafíos de Certbot
server {
listen 80;
server_name IP example.net www.example.net;
# Configuración para servir el frontend React
location / {
root /usr/share/nginx/html;
index index.html;
try_files $uri /index.html =404;
}
location /api {
proxy_pass http://backend:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
# Configuración para manejar los desafíos de Certbot
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
# Configuración SSL
server {
listen 443 ssl;
server_name ip example.net www.example.net;
ssl_certificate /etc/letsencrypt/live/example.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.net/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
root /usr/share/nginx/html;
index index.html;
try_files $uri /index.html =404;
}
location /api {
proxy_pass http://backend:8000;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
我遇到这个问题
Certbot 无法对某些域进行身份验证(身份验证器:webroot)。证书颁发机构报告了以下问题: 域名:example.net 类型:未授权 详细信息:IP:来自 http://example.net/.well-known/acme-challenge/M9-0ibOqEMBk7v7140FwIlA2Qs-llCWxuSgJc9gl4No 的无效响应:“www.example.net 类型:未授权 详细信息:140.99.164.197:来自 http://www.example.net/.well-known/acme-challenge/3oEOXqPs2qJHls81-ImXqKtoGFE8v5Hc8wWbmqbgjtk 的响应无效:“
您是否更改了这篇文章的 example.net ?如果没有,您必须在 nginx.conf 中的 server_name 旁边和证书密钥中输入您的域名(您必须之前使用域名生成。请参阅https://certbot.eff.org/)
如果您想要一个更简单的工具,您可以使用 Nginx 代理管理器,您可以对其进行 dockerize,并直接在 Web 界面中管理您的 SSL 证书