How to correctly set up Nginx in a server with all applications running in Docker - Stack Overflow

admin管理员组

文章数量:1295887

I have been trying to figure out how to setup nginx correctly for a long time without success. All my searchs on the internet have given me the same answer, but it does not work.

My objective:

I want to have an admin url (admin.mysite) that is running Heimdall, with the links in Heimdall pointing to the other admin services. In this example, I will user Duplicati and PGAdmin.

Here is a simplified version of what I have in nginx.conf:

events {
}
http {
    # redirect all http traffic to use https  
    server {
        listen 80;
        server_name _;

        location /.well-known/acme-challenge/ {
            root /var/www/certbot;
        }

        location / {
            return 301 https://$host$request_uri;
        }
    }

    server {
        listen 443 ssl;
        server_name mysite;

        ssl_certificate /etc/letsencrypt/live/mysite/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/mysite/privkey.pem;
        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

        location / {
            proxy_pass http://mysite-web/; # hostname set in docker compose
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection keep-alive;
            proxy_cache_bypass $http_upgrade;
        }
    }

    server {
        listen 443 ssl;
        server_name admin.mysite;

        ssl_certificate /etc/letsencrypt/live/mysite/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/mysite/privkey.pem;
        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

        location / {
            proxy_pass http://mysite-heimdall/; # hostname set in docker compose
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection keep-alive;
            proxy_cache_bypass $http_upgrade;
        }

        location /duplicati {
            proxy_pass http://mysite-duplicati/;
        }

        location /database {
            proxy_pass http://mysite-database/;
        }
    }
}

I ommited the api endpoints for simplicity, but accessing mysite and api.mysite (ommited) works withou any problems.

The Problem:

Accessing admin.mysite also works without issues, however when I navigate to admin.mysite/duplicati/, I expected to see the duplicati interface. Yet I receive an 502 (bad Gateway) When I try to navigate to admin.mysite/database/, I expected to see Pg Admin interface, but I get redirected to admin.mysite/

My Question:

How can I achieve, that when I navigate to admin.mysite/duplicati/ or admin.mysite/database/, I see the interface of those applications?

Here is how the docker-compose looks like:

services:
   web:
    image: ${DOCKER_REGISTRY-}website
    container_name: Web
    restart: unless-stopped
    hostname: mysite-web
    build:
      context: src
      dockerfile: /Dockerfile
    environment:
      - ASPNETCORE_ENVIRONMENT=${ENVIRONMENT}
      - ASPNETCORE_URLS=:80
      - ApiUrl=:80
    ports:
      - "8000:80"

  pgadmin:
    image: dpage/pgadmin4:latest
    container_name: PgAdmin
    user: root
    restart: unless-stopped
    hostname: mysite-database
    environment:
      PGADMIN_DEFAULT_EMAIL: ${PGADMIN_USERNAME}
      PGADMIN_DEFAULT_PASSWORD: ${PGADMIN_PASSWORD}
    ports:
      - "5050:80"
    volumes:
      - ${VOLUME_STORAGE}/pgadmin:/var/lib/pgadmin
  
  heimdall:
    image: lscr.io/linuxserver/heimdall:latest
    container_name: Heimdall
    restart: unless-stopped
    hostname: mysite-heimdall
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
    volumes:
      - ${VOLUME_STORAGE}/heimdall:/config
    ports:
      - 6000:80
      - 6001:443

  nginx:
    image: nginx:latest
    container_name: Nginx
    restart: unless-stopped
    volumes:
      - ${VOLUME_STORAGE}/nginx/nginx.conf:/etc/nginx/nginx.conf:ro
      - ${VOLUME_STORAGE}/certbot/conf:/etc/letsencrypt
      - ${VOLUME_STORAGE}/certbot/www:/var/www/certbot
    ports:
      - "80:80"
      - "443:443"
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
  
  certbot:
    image: certbot/certbot
    container_name: Certbot
    restart: unless-stopped
    volumes:
      - ${VOLUME_STORAGE}/certbot/conf:/etc/letsencrypt
      - ${VOLUME_STORAGE}/certbot/www:/var/www/certbot
    entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"

  duplicati:
    image: lscr.io/linuxserver/duplicati:latest
    container_name: Duplicati
    hostname: mysite-duplicati
    restart: unless-stopped
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Etc/UTC
      - SETTINGS_ENCRYPTION_KEY=${DUPLICATI_ENCRYPTION_KEY}
      - DUPLICATI__WEBSERVICE_PASSWORD=${DUPLICATI_PASSWORD}
    volumes:
      - ${VOLUME_STORAGE}/duplicati/config:/config
      - ${VOLUME_STORAGE}/duplicati/backups:/backups
      - ${VOLUME_STORAGE}/database:/database
    ports:
      - 8200:8200

本文标签： How to correctly set up Nginx in a server with all applications running in DockerStack Overflow