您好,我有谷歌云虚拟机,我有一个为我的应用程序提供服务的域, 现在我为我的 hasura 控制台创建另一个 ngnix 服务器配置, 我的应用程序在我的域上运行良好, 但当我尝试时 https://mydomain:8080 http://mydomain:8080 等 我无法访问 hasura 控制台;
此外,在 GCP 上我的所有端口都是开放且可访问的。
这是我的 docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
003e86e139a0 hasura/graphql-engine:v2.38.0 "/bin/sh -c '\"${HGE_…" 3 hours ago Up 12 minutes (healthy) 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp MYDOMAIN-hasura-graphql-engine-1
0ce2c666d641 postgres:15 "docker-entrypoint.s…" 4 days ago Up 12 minutes 5432/tcp MYDOMAIN-hasura-postgres-1
6991009d52e6 MYDOMAIN:latest "/nodejs/bin/node bu…" 5 days ago Up 5 days 3000/tcp bold_elion
这是我的站点可用域配置
GNU nano 7.2
server {
server_name MYDOMAIN.com;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/wepiik.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/wepiik.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://172.17.0.2:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
if ($host = MYDOMAIN.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name MYDOMAIN.com;
return 404; # managed by Certbot
}
server {
server_name hasura_MYDOMAIN;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/wepiik.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/wepiik.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://172.18.0.2:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
这是我的 hasura docker compose
GNU nano 7.2
services:
postgres:
image: postgres:15
restart: always
volumes:
- db_data:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: MYPASSWORD
graphql-engine:
image: hasura/graphql-engine:v2.38.0
ports:
- "8080:8080"
restart: always
environment:
## postgres database to store Hasura metadata
HASURA_GRAPHQL_METADATA_DATABASE_URL: postgres://postgres:postgrespassword@postgres:5432/postgres
## this env var can be used to add the above postgres database to Hasura as a data source. this can be removed/updated based on your needs
HASURA_GRAPHQL_ADMIN_SECRET: MYSECRET
PG_DATABASE_URL: postgres://postgres:postgrespassword@postgres:5432/postgres
## enable the console served by server
HASURA_GRAPHQL_ENABLE_CONSOLE: "true" # set to "false" to disable console
## enable debugging mode. It is recommended to disable this in production
HASURA_GRAPHQL_DEV_MODE: "true"
HASURA_GRAPHQL_ENABLED_LOG_TYPES: startup, http-log, webhook-log, websocket-log, query-log
## uncomment next line to run console offline (i.e load console assets from server instead of CDN)
# HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: /srv/console-assets
## uncomment next line to set an admin secret
# HASURA_GRAPHQL_ADMIN_SECRET: myadminsecretkey
HASURA_GRAPHQL_METADATA_DEFAULTS: '{"backend_configs":{"dataconnector":{"athena":{"uri":"http://data-connector-agent:8081/api/v1/athena"},"mariadb":{"uri":"http://data>
volumes:
db_data:
您的配置
proxy_pass http://172.18.0.2:8080;
假设此IP地址对应于Hasura容器的内部Docker IP。然而,Docker 通常会动态地将 IP 地址分配给容器。这意味着每次容器重新启动时,它可能会被分配一个新的IP地址,使得Nginx中的静态IP设置失效。
我建议使用 Docker Compose 中定义的服务名称来连接 Hasura。例如,如果 Docker Compose 中的 Hasura 服务名为 graphql-engine,那么您可以使用此别名作为 Nginx 中的主机名:
proxy_pass http://graphql-engine:8080;
此服务名称将自动解析为 Docker 网络中的当前 IP 地址。