Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

通过Nginx 反向代理Https出现SELF_URL_PATH配置错误 #117

Closed
pastay opened this issue Jan 12, 2020 · 8 comments
Closed

通过Nginx 反向代理Https出现SELF_URL_PATH配置错误 #117

pastay opened this issue Jan 12, 2020 · 8 comments
Labels
bug

Comments

@pastay
Copy link

pastay commented Jan 12, 2020
edited
Loading

Bug 描述
通过Nginx 反向代理Https出现SELF_URL_PATH配置错误,无法启动(通过 域名:181可正常访问)

部署方法

  • docker-compose
  • 使用的镜像版本 latest

部署环境

  • 操作系统: Ubuntu 18.04
  • 浏览器: safari

复现步骤
认真阅读了文档,以及相关issue,反复尝试还是出现这种问题

预期结果
通过https正常访问

doker-compose配置

version: "3"
services:
  database.postgres:
    image: postgres:alpine
    container_name: postgres
    environment:
      - POSTGRES_PASSWORD=rrttrssrr! # please change the password
    volumes:
      - ~/postgres/data/:/var/lib/postgresql/data # persist postgres data to ~/postgres/data/ on the host
    restart: always

  service.rss:
    image: wangqiru/ttrss:latest
    container_name: ttrss
    ports:
      - 181:80
    environment:
      - SELF_URL_PATH=http://个人域名:181/ 
      - DB_HOST=database.postgres
      - DB_PORT=5432
      - DB_NAME=ttrss
      - DB_USER=postgres
      - DB_PASS=rrttrssrr!
      - ENABLE_PLUGINS=auth_internal,fever # auth_internal is required. Plugins enabled here will be enabled for all users as system plugins
    stdin_open: true
    tty: true
    restart: always
    command: sh -c 'sh /wait-for.sh $$DB_HOST:$$DB_PORT -- php /configure-db.php && exec s6-svscan /etc/s6/'

  service.mercury: # set Mercury Parser API endpoint to `service.mercury:3000` on TTRSS plugin setting page
    image: wangqiru/mercury-parser-api:latest
    container_name: mercury
    expose:
      - 3000
    restart: always

  service.opencc: # set OpenCC API endpoint to `service.opencc:3000` on TTRSS plugin setting page
    image: wangqiru/opencc-api-server:latest
    container_name: opencc
    environment:
      - NODE_ENV=production
    expose:
      - 3000
    restart: always

nginx配置文件 /etc/nginx/conf.d/ttrss.conf

upstream ttrssdev {
  server 127.0.0.1:181;
}

server {
    listen 80;
    server_name  myrss.ml;
    return 301 https://myrss.ml$request_uri;
}

server {
    listen 443 ssl;
    gzip on;
    server_name  myrss.ml;

    ssl_certificate /etc/letsencrypt/live/个人域名/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/个人域名/privkey.pem;

    access_log /var/log/nginx/ttrssdev_access.log combined;
    error_log  /var/log/nginx/ttrssdev_error.log;

    location / {
        proxy_redirect off;
        proxy_pass http://ttrssdev;

        proxy_set_header  Host                $http_host;
        proxy_set_header  X-Real-IP           $remote_addr;
        proxy_set_header  X-Forwarded-Ssl     on;
        proxy_set_header  X-Forwarded-For     $proxy_add_x_forwarded_for;
        proxy_set_header  X-Forwarded-Proto   $scheme;
        proxy_set_header  X-Frame-Options     SAMEORIGIN;

        client_max_body_size        100m;
        client_body_buffer_size     128k;

        proxy_buffer_size           4k;
        proxy_buffers               4 32k;
        proxy_busy_buffers_size     64k;
        proxy_temp_file_write_size  64k;
    }
}

请问是否哪里的配置出现了问题吗?

批注 2020-01-12 175925

其他
已经尝试过将SELF_URL_PATH替换成ip127.0.0.1或者https://域名 均无法解决问题
@pastay pastay added the bug label Jan 12, 2020
@HenryQW
Copy link
Owner

HenryQW commented Jan 12, 2020

请重新部署,然后检查 docker logs ttrss -f

@HenryQW
Copy link
Owner

HenryQW commented Jan 12, 2020
edited
Loading

并且你的 compose 配置根本就是错的,SELF_URL_PATH=http://个人域名:181/
这里应该填写你的 https://whatever.com 最终访问地址,我会更新相关文档高亮这一点。
开 issue 前麻烦仔细搜索现有 issue 并阅读相关评论,你会发现解决方案就在里面。
#62 (comment)
#19 (comment)

@HenryQW HenryQW closed this as completed Jan 12, 2020
@pastay
Copy link
Author

pastay commented Jan 12, 2020

感谢回复,我尝试过去掉端口,更改SELF_URL_PATH=http://mydomin.com 或者 SELF_URL_PATH=https://mydomin.com 均未成功。也看过相关issue。
以下是SELF_URL_PATH=http://mydomin.com(未加端口)的日志

[12-Jan-2020 14:10:36] NOTICE: fpm is running, pid 21
[12-Jan-2020 14:10:36] NOTICE: ready to handle connections
[14:10:37/22] Spawn interval: 120 sec
[14:10:37/22] [MASTER] installing shutdown handlers
[14:10:37/22] [MASTER] spawned client 0 [PID:27]...
[14:10:37/22] [MASTER] spawned client 1 [PID:28]...
[14:10:37/30] Using task id 1
[14:10:37/30] Lock: update_daemon-28.lock
[14:10:37/29] Using task id 0
[14:10:37/29] Lock: update_daemon-27.lock
[14:10:37/30] Waiting before update (5)
[14:10:37/29] Waiting before update (0)
[14:10:37/29] Scheduled 0 feeds to update...
[14:10:37/29] Sending digests, batch of max 15 users, headline limit = 1000
[14:10:37/29] All done.
[14:10:37/29] Expired cache/export: removed 0 files.
[14:10:37/29] Expired cache/feeds: removed 0 files.
[14:10:37/29] Expired cache/images: removed 0 files.
[14:10:37/29] Expired cache/upload: removed 0 files.
[14:10:37/29] Removed 0 old lock files.
[14:10:37/29] Removing old error log entries...
[14:10:37/29] Removing old archived feeds...
[14:10:37/29] Purged 0 orphaned posts.
[14:10:37/29] Removed 0 (feeds) 0 (cats) orphaned counter cache entries.
[14:10:38/22] [reap_children] child 27 reaped.
[14:10:38/22] [SIGCHLD] jobs left: 1
[14:10:42/30] Scheduled 0 feeds to update...
[14:10:42/30] Sending digests, batch of max 15 users, headline limit = 1000
[14:10:42/30] All done.
[14:10:43/22] [reap_children] child 28 reaped.
[14:10:43/22] [SIGCHLD] jobs left: 0

以下是SELF_URL_PATH=http://mydomin.com:181 (添加端口)的日志

[14:13:46/18] Spawn interval: 120 sec
[14:13:46/18] [MASTER] installing shutdown handlers
[14:13:46/18] [MASTER] spawned client 0 [PID:23]...
[14:13:46/18] [MASTER] spawned client 1 [PID:24]...
[12-Jan-2020 14:13:47] NOTICE: fpm is running, pid 20
[12-Jan-2020 14:13:47] NOTICE: ready to handle connections
[14:13:47/25] Using task id 1
[14:13:47/25] Lock: update_daemon-24.lock
[14:13:47/25] Waiting before update (5)
[14:13:47/26] Using task id 0
[14:13:47/26] Lock: update_daemon-23.lock
[14:13:47/26] Waiting before update (0)
[14:13:47/26] Scheduled 0 feeds to update...
[14:13:47/26] Sending digests, batch of max 15 users, headline limit = 1000
[14:13:47/26] All done.
[14:13:47/26] Expired cache/export: removed 0 files.
[14:13:47/26] Expired cache/feeds: removed 0 files.
[14:13:47/26] Expired cache/images: removed 0 files.
[14:13:47/26] Expired cache/upload: removed 0 files.
[14:13:47/26] Removed 0 old lock files.
[14:13:47/26] Removing old error log entries...
[14:13:47/26] Removing old archived feeds...
[14:13:47/26] Purged 0 orphaned posts.
[14:13:47/26] Removed 0 (feeds) 0 (cats) orphaned counter cache entries.
[14:13:48/18] [reap_children] child 23 reaped.
[14:13:48/18] [SIGCHLD] jobs left: 1
[14:13:52/25] Scheduled 0 feeds to update...
[14:13:52/25] Sending digests, batch of max 15 users, headline limit = 1000
[14:13:52/25] All done.
[14:13:53/18] [reap_children] child 24 reaped.
[14:13:53/18] [SIGCHLD] jobs left: 0

如果去掉端口,是否需要修改 compose里的此项?

ports:
      - 181:80

不好意思,我知道之前的issue里出现过类似的问题,我也确实认真看过相关评论,仍然没有找到症结。

@HenryQW
Copy link
Owner

HenryQW commented Jan 12, 2020 

ports:
      - 181:80

必须保留。

SELF_URL_PATH=https://mydomin.com 你漏了 s

HenryQW added a commit that referenced this issue Jan 12, 2020
@HenryQW
doc: highlight SELF_URL_PATH explanation
7d07fdf 
#62 #117
@HenryQW HenryQW mentioned this issue Jan 12, 2020
Closed
@pastay
Copy link
Author

pastay commented Jan 12, 2020

感谢您的帮助,成功了,我确认之前尝试过https,估计是手滑打错了。抱歉给您带来困扰。

@HenryQW
Copy link
Owner

HenryQW commented Jan 12, 2020

不客气,happy rssing 😄!

@forvoid
Copy link

forvoid commented Nov 13, 2021

谢谢大佬解决了我困扰了了多天的问题

proxy_redirect off;
        proxy_pass http://ttrssdev;

        proxy_set_header  Host                $http_host;
        proxy_set_header  X-Real-IP           $remote_addr;
        proxy_set_header  X-Forwarded-Ssl     on;
        proxy_set_header  X-Forwarded-For     $proxy_add_x_forwarded_for;
        proxy_set_header  X-Forwarded-Proto   $scheme;
        proxy_set_header  X-Frame-Options     SAMEORIGIN;

        client_max_body_size        100m;
        client_body_buffer_size     128k;

        proxy_buffer_size           4k;
        proxy_buffers               4 32k;
        proxy_busy_buffers_size     64k;
        proxy_temp_file_write_size  64k;

我没配置转发 https
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

@zfy68
Copy link

zfy68 commented Nov 29, 2021

尝试了几次,快放弃了,啊啊啊,终于OK

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@HenryQW @forvoid @pastay @zfy68