Tengo Nginx ejecutándose como proxy inverso frente a Apache Guacamole. Todo funciona bien al acceder a través de la dirección IP con XX.XX.XX.XX:8443. Sin embargo, no puedo acceder a través del nombre del servidor con "www.trainingserver1.com:8443". Aquí está el archivo mysite.template:
server {
listen 80 default_server;
server_name _;
return 444 "No server is currently configured for the requested host." ;
}
server {
listen 443 ssl;
server_name *.trainingserver1.com;
ssl_certificate /etc/nginx/ssl/self.cert;
ssl_certificate_key /etc/nginx/ssl/self-ssl.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling off;
ssl_stapling_verify off;
# resolver 8.8.8.8 8.8.4.4 valid=300s;
# resolver_timeout 5s;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
proxy_pass http://guacamole:8080;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_cookie_path /guacamole/ /;
access_log off;
# allow large uploads (default=1m)
# 4096m = 4GByte
client_max_body_size 4096m;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
Aquí está el archivo nginx.conf:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
Y por último aquí está el docker-compose.yml que inicia todo:
version: '3'
networks:
guacnetwork:
driver: bridge
services:
guacamole:
image: oznu/guacamole
container_name: guacamole
volumes:
- postgres:/config
restart: always
networks:
guacnetwork:
expose:
- 8080
restart: always
nginx:
restart: always
image: nginx
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
- ./nginx/mysite.template:/etc/nginx/conf.d/mysite.template
- ./nginx/ssl:/etc/nginx/ssl
ports:
- 8443:443
## environment:
## - NGINX_HOST=nginx
## - NGINX_PORT=443
links:
- guacamole
networks:
guacnetwork:
# install openssl, create self-signed certificate and run nginx
command: /bin/bash -c "apt-get -y update && apt-get -y install openssl && openssl req -nodes -newkey rsa:2048 -new -x509 -keyout /etc/nginx/ssl/self-ssl.key -out /etc/nginx/ssl/self.cert -subj '/C=DE/ST=BY/L=Hintertupfing/O=Dorfwirt/OU=Theke/CN=www.createyourown.domain/[email protected]' && cp -f -s /etc/nginx/conf.d/mysite.template /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'"
volumes:
postgres:
driver: local
Editar:
Todo en la configuración de Nginx resultó estar bien. Este fue un simple problema de registro DNS. Una vez que se arregló el registro DNS, se pudo acceder al servidor Nginx enwww.trainingserver1.com:8443.
Respuesta1
El mensaje de error DNS_PROBE_FINISHED_NXDOMAIN
indica que la URL a la que intenta acceder no se puede resolver.
Debe crear el registro DNS para esa URL.