nginx proxy_pass 僅適用於完整檔名

nginx proxy_pass 僅適用於完整檔名

我有一個 nginx,它應該將路徑 domain.de/pihole/* 代理到運行 pihole 的 docker 容器。如果我使用 docker dontainer 的 IP (172.20.0.2),則載入 index.php,172.20.0.2/admin 和 172.20.0.2/admin/index.php 也可以運作。如果我使用domain.de/pihole 或domain.de/pihole/admin,我會得到404。這是我的 /etc/nginx/sites-available/default:

server {
        listen 80 default_server;
        listen [::]:80 default_server;
 root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
                #proxy_pass http://172.20.0.2:25565;
        }
        location /pihole/ {
                proxy_pass http://172.20.0.2:80/;
                proxy_http_version 1.1;
                proxy_set_header Host $host:$server_port;
                proxy_set_header Referer $http_referer;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header X-Forwarded-Ssl on;
                proxy_set_header X-Nginx-Proxy true;
                proxy_set_header X-Client-Verify $ssl_client_verify;
                proxy_set_header X-Client-DN $ssl_client_s_dn;
                proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_redirect off;

        }
}

我有什麼想法必須改變(我從serverfault複製了大部分“proxy_set_header”內容)?

答案1

/請刪除該行的尾部proxy_pass。文件中描述了原因 代理通行證

引用:

如果在沒有指定 URI 的情況下指定 proxy_pass,則在處理原始請求時,請求 URI 將以與客戶端發送的格式相同的形式傳遞到伺服器,或者在處理更改的 URI 時傳遞完整規範化的請求 URI:

location /some/path/ {
    proxy_pass http://127.0.0.1;
}

答案2

用這個位置塊解決了

location /pihole/ {
    proxy_http_version 1.1;
    proxy_set_header Referer $http_referer;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-Ssl on;
    proxy_set_header X-Nginx-Proxy true;
    proxy_set_header X-Client-Verify $ssl_client_verify;
    proxy_set_header X-Client-DN $ssl_client_s_dn;
    proxy_set_header X-SSL-Issuer $ssl_client_i_dn;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://172.20.0.2/admin/;
}

我使用了一些帶有斜杠的嘗試和錯誤以及 pihole 需要/admin在 url 中的事實(我之前不知道)

相關內容