无法在nginx docker容器上使用http2

我想使用http 2的nginx图像，但我尝试了很长时间的协议仍然使用http/1. 1
nginx的停靠文件：

FROM nginx
COPY ./docker/nginx/etc/nginx/nginx.conf /etc/nginx/nginx.conf
COPY ./docker/nginx/etc/nginx/conf.d/default.conf.https /etc/nginx/conf.d/default.conf

字符串
/etc/nginx/nginx.配置文件中的

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    # run ulimit -n to check
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    # Buffer size for post submission
    client_body_buffer_size 10k;
    client_max_body_size 8m;

    # Buffer size for header
    client_header_buffer_size 1k;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

型
/etc/nginx/配置文件.d/默认配置文件为：

# Expires map
map $sent_http_content_type $expires {
    default                    off;
    text/html                  epoch;
    text/css                   max;
    application/javascript     max;
    ~image/                    max;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name 0.0.0.0;
    ssl_certificate /etc/nginx/certs/server.crt;
    ssl_certificate_key /etc/nginx/certs/server.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers   on;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;

    expires $expires;

    location = /favicon.ico {
      log_not_found off;
    }

    location /static/ {
        alias /static_files/;
    }

    location / {
        access_log /var/log/nginx/wsgi.access.log;
        error_log /var/log/nginx/wsgi.error_log warn;
        proxy_pass http://app_wsgi:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location /ws/ {
        try_files $uri @proxy_to_ws;
    }

    location @proxy_to_ws {
        access_log /var/log/nginx/asgi.access.log;
        error_log /var/log/nginx/asgi.error_log warn;
        proxy_pass http://app_asgi:8001;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
    }
}

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

型
nginx部件的Dock合成文件：

nginx:
    restart: always
    build:
      context: .
      dockerfile: docker/nginx/Dockerfile.https
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./app/static:/static_files
      - ./ssl/certs:/etc/nginx/certs
    depends_on:
      - app_wsgi
      - app_asgi

型
进入nginx容器并运行nginx -V命令：

root@0a15f404bf1d:/# nginx -V
nginx version: nginx/1.17.9
built by gcc 8.3.0 (Debian 8.3.0-6) 
built with OpenSSL 1.1.1d  10 Sep 2019
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fdebug-prefix-map=/data/builder/debuild/nginx-1.17.9/debian/debuild-base/nginx-1.17.9=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie'

型
我的设置有什么问题吗？
我检查了Chrome开发工具，看到所有的请求仍然通过http/1. 1协议发送
我的架构是

Nginx <-> gunicorn <-> Django application

型

我有一个类似的问题，我正在实现代理传递并调用nginx服务器，我一直在接收状态426，直到我设置以下配置：

upstream mservername {
    server my.example.domain:443;
    keepalive 20;
}
server {
    listen 8443 ssl http2;
    server_name my.example.domain;
    access_log /opt/bitnami/nginx/logs/access_my_example_domain.log;
    error_log /opt/bitnami/nginx/logs/error_my_example_domain.log;
    ssl_certificate     /opt/bitnami/nginx/conf/bitnami/certs/server.crt;
    ssl_certificate_key /opt/bitnami/nginx/conf/bitnami/certs/server.key;
    ssl_protocols       TLSv1.3 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;

    location /resource {
        http2_push_preload on;
        proxy_ssl_session_reuse off;
        proxy_ssl_server_name on;
        proxy_ssl_name my.example.domain;
        proxy_ssl_trusted_certificate /opt/bitnami/nginx/conf/bitnami/certs/my_example_domain/my_domain_cert.crt;
        proxy_set_header content-type "application/xml";
        proxy_set_header accept "application/xml";
        proxy_hide_header               X-Frame-Options;
        proxy_http_version              1.1;
        proxy_set_header                Upgrade $http_upgrade;
        proxy_set_header                Connection "upgrade";
        proxy_set_header                X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header                X-Forwarded-Proto $scheme;
        proxy_pass https://my.example.domain/resource;
    }
    
}

字符串
希望可以帮助。在我的情况下，它解决了问题。

无法在nginx docker容器上使用http2

2条答案

相关问题

热门标签

最新问答