Nginx 역방향 프록시에서 Nextcloud 공유가 작동하지 않습니다.

Question

내가 찾은 것은 프록시 뒤의 nextcloud 컨테이너 앞에 nginx 컨테이너를 사용하는 것입니다. 이를 위해서는 자신만의 nginx.conf를 추가해야 합니다. 이와 같은 ymal 파일.

version: '2'
services:
  web:
    image: nginx
    container_name: nextcloud_webserver
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
    links:
      - app
    volumes_from:
      - app
    environment:
      - VIRTUAL_HOST=nextcloud_url
      - VIRTUAL_NETWORK=nextcloud_network
      - VIRTUAL_PORT=80
      - LETSENCRYPT_HOST=nextcloud_url
      - LETSENCRYPT_EMAIL=uremailforthe
    networks:
      - proxy-tier
    restart: unless-stopped

  app:
    image: nextcloud:fpm
    container_name: nextcloud_app
    links:
      - db
    volumes:
      - ./nextcloud/apps:/var/www/html/apps
      - ./nextcloud/config:/var/www/html/config
      - ./nextcloud/data:/var/www/html/data
    networks:
      - proxy-tier
    restart: unless-stopped

  db:
    image: mariadb
    container_name: db
    volumes:
      - ./db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=urpassword
      - MYSQL_DATABASE=urdbname
      - MYSQL_USER=mysqluser
      - MYSQL_PASSWORD=mysqluserpassword
    networks:
      - proxy-tier
    restart: unless-stopped

networks:
  proxy-tier:
    external:
      name: nextcloud_network

그런 다음 docker-compose up 파일을 실행하는 동일한 위치에 다음 nginx 파일을 추가합니다.

user www-data;

    events {

     worker_connections 768;
    }
    
    http {
     upstream backend {
       server app:9000;
     }
     include /etc/nginx/mime.types;
     default_type application/octet-stream;
    
     server {
      listen 80;
    
      # Add headers to serve security related headers
      add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
      add_header X-Content-Type-Options nosniff;
      add_header X-XSS-Protection "1; mode=block";
      add_header X-Robots-Tag none;
      add_header X-Download-Options noopen;
      add_header X-Permitted-Cross-Domain-Policies none;
    
      root /var/www/html;
      client_max_body_size 10G; # 0=unlimited - set max upload size
      fastcgi_buffers 64 4K;
    
      gzip on;
      gzip_vary on;
      gzip_min_length 10240;
      gzip_proxied expired no-cache no-store private auth;
      gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
      gzip_disable "MSIE [1-6]\.";
    
      index index.php;
      error_page 403 /core/templates/403.php;
      error_page 404 /core/templates/404.php;
    
      rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
      rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
    
      location = /robots.txt {
       allow all;
       log_not_found off;
       access_log off;
      }
    
      location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
       deny all;
      }
    
      location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
       deny all;
      }
    
      location / {
       rewrite ^/remote/(.*) /remote.php last;
       rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
       try_files $uri $uri/ =404;
      }
    
      location ~ \.php(?:$|/) {
       fastcgi_split_path_info ^(.+\.php)(/.+)$;
       include fastcgi_params;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param PATH_INFO $fastcgi_path_info;
       fastcgi_param HTTPS on;
       fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
       fastcgi_pass backend;
       fastcgi_intercept_errors on;
      }
    
      # Adding the cache control header for js and css files
      # Make sure it is BELOW the location ~ \.php(?:$|/) { block
      location ~* \.(?:css|js)$ {
       add_header Cache-Control "public, max-age=7200";
       # Add headers to serve security related headers
       add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
       add_header X-Content-Type-Options nosniff;
       add_header X-Frame-Options "SAMEORIGIN";
       add_header X-XSS-Protection "1; mode=block";
       add_header X-Robots-Tag none;
       add_header X-Download-Options noopen;
       add_header X-Permitted-Cross-Domain-Policies none;
       # Optional: Don't log access to assets
       access_log off;
      }
    
      # Optional: Don't log access to other assets
      location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
       access_log off;
      }
     }
    
    }

Answer 1

내가 찾은 것은 프록시 뒤의 nextcloud 컨테이너 앞에 nginx 컨테이너를 사용하는 것입니다. 이를 위해서는 자신만의 nginx.conf를 추가해야 합니다. 이와 같은 ymal 파일.

version: '2'
services:
  web:
    image: nginx
    container_name: nextcloud_webserver
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf:ro
    links:
      - app
    volumes_from:
      - app
    environment:
      - VIRTUAL_HOST=nextcloud_url
      - VIRTUAL_NETWORK=nextcloud_network
      - VIRTUAL_PORT=80
      - LETSENCRYPT_HOST=nextcloud_url
      - LETSENCRYPT_EMAIL=uremailforthe
    networks:
      - proxy-tier
    restart: unless-stopped

  app:
    image: nextcloud:fpm
    container_name: nextcloud_app
    links:
      - db
    volumes:
      - ./nextcloud/apps:/var/www/html/apps
      - ./nextcloud/config:/var/www/html/config
      - ./nextcloud/data:/var/www/html/data
    networks:
      - proxy-tier
    restart: unless-stopped

  db:
    image: mariadb
    container_name: db
    volumes:
      - ./db:/var/lib/mysql
    environment:
      - MYSQL_ROOT_PASSWORD=urpassword
      - MYSQL_DATABASE=urdbname
      - MYSQL_USER=mysqluser
      - MYSQL_PASSWORD=mysqluserpassword
    networks:
      - proxy-tier
    restart: unless-stopped

networks:
  proxy-tier:
    external:
      name: nextcloud_network

그런 다음 docker-compose up 파일을 실행하는 동일한 위치에 다음 nginx 파일을 추가합니다.

user www-data;

    events {

     worker_connections 768;
    }
    
    http {
     upstream backend {
       server app:9000;
     }
     include /etc/nginx/mime.types;
     default_type application/octet-stream;
    
     server {
      listen 80;
    
      # Add headers to serve security related headers
      add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
      add_header X-Content-Type-Options nosniff;
      add_header X-XSS-Protection "1; mode=block";
      add_header X-Robots-Tag none;
      add_header X-Download-Options noopen;
      add_header X-Permitted-Cross-Domain-Policies none;
    
      root /var/www/html;
      client_max_body_size 10G; # 0=unlimited - set max upload size
      fastcgi_buffers 64 4K;
    
      gzip on;
      gzip_vary on;
      gzip_min_length 10240;
      gzip_proxied expired no-cache no-store private auth;
      gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
      gzip_disable "MSIE [1-6]\.";
    
      index index.php;
      error_page 403 /core/templates/403.php;
      error_page 404 /core/templates/404.php;
    
      rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
      rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
    
      location = /robots.txt {
       allow all;
       log_not_found off;
       access_log off;
      }
    
      location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
       deny all;
      }
    
      location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
       deny all;
      }
    
      location / {
       rewrite ^/remote/(.*) /remote.php last;
       rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
       try_files $uri $uri/ =404;
      }
    
      location ~ \.php(?:$|/) {
       fastcgi_split_path_info ^(.+\.php)(/.+)$;
       include fastcgi_params;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param PATH_INFO $fastcgi_path_info;
       fastcgi_param HTTPS on;
       fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
       fastcgi_pass backend;
       fastcgi_intercept_errors on;
      }
    
      # Adding the cache control header for js and css files
      # Make sure it is BELOW the location ~ \.php(?:$|/) { block
      location ~* \.(?:css|js)$ {
       add_header Cache-Control "public, max-age=7200";
       # Add headers to serve security related headers
       add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
       add_header X-Content-Type-Options nosniff;
       add_header X-Frame-Options "SAMEORIGIN";
       add_header X-XSS-Protection "1; mode=block";
       add_header X-Robots-Tag none;
       add_header X-Download-Options noopen;
       add_header X-Permitted-Cross-Domain-Policies none;
       # Optional: Don't log access to assets
       access_log off;
      }
    
      # Optional: Don't log access to other assets
      location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
       access_log off;
      }
     }
    
    }

Nginx 역방향 프록시에서 Nextcloud 공유가 작동하지 않습니다.

답변1

관련 정보