配置 FN Connect 支持访问 Docker 容器 Web 服务
一、配置 FN Connect
FN Connect 代理要求:
-
容器提供的 Web 端口服务必须为无加密 HTTP 协议。否则会 404 报错:
400 Bad Request The plain HTTP request was sent to HTTPS port nginx/1.29.2
二、Compose 模板:示例 Nginx
services:
nginx:
restart: always
image: nginx:latest
container_name: nginx
ports:
- 8080:80
- 8081:81
volumes:
- /vol1/1000/docker/nginx/conf.d:/etc/nginx/conf.d
创建容器完成后,fnOS 需要几分钟时间,创建 FN Connect 三级域名来映射主机端口 <容器 ID>-<Nginx 代理端口索引>.<FN ID>.5ddd.com 。
未完成
FN Connect三级域名创建时,在Docker -> 容器 -> nginx访问对应端口,会访问https://fnid.5ddd.com:8081/。创建完成后,则访问
https://112233aabbcc-1.fnid.5ddd.com/。
三、Nginx 配置文件要求
为方便可以通过 fnOS 主机 DDNS 域名(https://www.example.com:8080/)和 FN Connect (https://112233aabbcc-1.fnid.5ddd.com/)两种方式访问,对同一个后端服务可以开放两个端口:
8080由Nginx自身实现 HTTPS 反向代理。8081由FN Connect实现访问后端服务。
据此,可以写一个配置文件实现。示例,代理 Unraid : www.example.com_8080_80801_unraid.conf :
# Nginx 反向代理
server {
listen 8080 ssl;
listen [::]:8080 ssl;
server_name www.example.com;
ssl_certificate /etc/nginx/conf.d/ssl/www.example.com.pem;
ssl_certificate_key /etc/nginx/conf.d/ssl/www.example.com.key;
location / {
proxy_pass https://<Unraid IP>:443;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 20m;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
# FN Connect 代理
server {
listen 8081;
listen [::]:8081;
server_name localhost;
location / {
proxy_pass https://<Unraid IP>:443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 20m;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
浙公网安备 33010602011771号