服务器 Gind.cn
  1. 服务器 Gind.cn
  3. jwilder / nginx-proxy设置多个php fpm容器
Intereting Posts
CentOS / Plesk 10迁移失败 由于突然的高stream量,服务器停机的情况下,什么是快速修复? 如何保持一个可重复的服务器pipe理日志? PowerCLI – networking嵌套的ESXi Oracle安全更新补丁2011年7月 – 如何知道我是否受到影响? 任何方式来集中pipe理cygwin更新? 384 MB的足够启动VPS? ntpd服务器意外closures Plesk:Plesk / Apache VirtualHost合作 – 可以/明智吗? configurationStrongSwan以使用DHCP npm安装generator-webapp失败 任何使用Chrome的JavaScript引擎的负载均衡器? 在IIS6中设置默认网站 varnishncsa不显示任何输出 nginx保持locking状态

jwilder / nginx-proxy设置多个php fpm容器

我试图用mailcow-dockerized( https:// github )运行官方的nextcloud docker-compose.yml( https://github.com/nextcloud/docker/blob/master/.examples/docker-compose.yml ) .com / mailcow / mailcow-dockerized )项目在一个vps。
它实际上工作,我可以访问浏览器中的两个应用程序(即使电子邮件发送和接收工程):),只有一个缺点,只要两个应用程序尝试访问FMP,VPS崩溃。
所以我想这可能要做,他们都想访问主机的端口9000。

所以接下来我要做的就是改变每个主机的configuration来添加fastcgi pass:
.examples/proxy/VIRTUAL_HOST_location 

 fastcgi_pass nextcloud_fpm:9000;

但是我得到一个没有nginx或fastcgi错误的空白页面( docker logs proxy -f --since 2 )。 和docker logs nextcloud_fpm -f --since 2输出以下内容:

172.19.0.7 – 08 / Sep / 2017:13:07:32 +0000“ – ”200
172.19.0.7 – 08 / Sep / 2017:13:07:40 +0000“ – ”200 

 version: '2' services: proxy: image: jwilder/nginx-proxy container_name: proxy ports: - 80:80 - 443:443 volumes: - ./proxy/conf.d:/etc/nginx/conf.d - ./proxy/vhost.d:/etc/nginx/vhost.d - ./proxy/html:/usr/share/nginx/html - ./proxy/certs:/etc/nginx/certs:ro - /var/run/docker.sock:/tmp/docker.sock:ro networks: - proxy-tier restart: always letsencrypt-companion: image: alastaircoote/docker-letsencrypt-nginx-proxy-companion container_name: letsencrypt-companion volumes_from: - proxy volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - ./proxy/certs:/etc/nginx/certs:rw restart: always web: image: nginx container_name: nextcloud_webserver volumes: - ./nginx.conf:/etc/nginx/nginx.conf:ro links: - app - collabora volumes_from: - app environment: - VIRTUAL_HOST=${DOMAIN} - VIRTUAL_NETWORK=nginx-proxy - VIRTUAL_PORT=80 - LETSENCRYPT_HOST=${DOMAIN} - LETSENCRYPT_EMAIL= networks: - proxy-tier restart: always app: image: nextcloud:fpm container_name: nextcloud_fpm links: - db volumes: - ./nextcloud/apps:/var/www/html/apps - ./nextcloud/config:/var/www/html/config - ./nextcloud/data:/var/www/html/data networks: - proxy-tier restart: always db: image: mariadb container_name: db volumes: - ./nextcloud/db:/var/lib/mysql environment: - MYSQL_ROOT_PASSWORD= - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_PASSWORD= networks: - proxy-tier restart: always redis: image: redis container_name: redis networks: - proxy-tier restart: always collabora: image: collabora/code container_name: collabora cap_add: - MKNOD environment: - domain=${DOMAIN} networks: - proxy-tier restart: always networks: proxy-tier: external: name: nginx-proxy

mailcow docker-compose的摘录(与原来的变化部分): 

  php-fpm-mailcow: image: mailcow/phpfpm:1.0 build: ./data/Dockerfiles/phpfpm command: "php-fpm -d date.timezone=${TZ}" depends_on: - redis-mailcow volumes: - ./data/web:/web:ro - ./data/conf/rspamd/dynmaps:/dynmaps:ro - dkim-vol-1:/data/dkim environment: - DBNAME=${DBNAME} - DBUSER=${DBUSER} - DBPASS=${DBPASS} - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME} - IMAP_PORT=${IMAP_PORT:-143} - IMAPS_PORT=${IMAPS_PORT:-993} - POP_PORT=${POP_PORT:-110} - POPS_PORT=${POPS_PORT:-995} - SIEVE_PORT=${SIEVE_PORT:-4190} - SUBMISSION_PORT=${SUBMISSION_PORT:-587} - SMTPS_PORT=${SMTPS_PORT:-465} - SMTP_PORT=${SMTP_PORT:-25} restart: always dns: - 172.22.1.254 dns_search: mailcow-network networks: mailcow-network: aliases: - phpfpm nginx-mailcow: depends_on: - sogo-mailcow - php-fpm-mailcow image: nginx:mainline-alpine healthcheck: test: ["CMD", "ping", "php-fpm-mailcow", "-c", "5"] interval: 5s timeout: 5s retries: 10 command: /bin/sh -c "envsubst < /etc/nginx/conf.d/templates/listen_plain.template > /etc/nginx/conf.d/listen_plain.active && envsubst < /etc/nginx/conf.d/templates/listen_ssl.template > /etc/nginx/conf.d/listen_ssl.active && envsubst < /etc/nginx/conf.d/templates/server_name.template > /etc/nginx/conf.d/server_name.active && nginx -g 'daemon off;'" environment: - HTTPS_PORT=${HTTPS_PORT:-443} - HTTP_PORT=${HTTP_PORT:-80} - MAILCOW_HOSTNAME=${MAILCOW_HOSTNAME} - VIRTUAL_HOST=${MAILCOW_HOSTNAME} - VIRTUAL_NETWORK=nginx-proxy - VIRTUAL_PORT=${HTTP_PORT:-80} - LETSENCRYPT_HOST=${MAILCOW_HOSTNAME} - LETSENCRYPT_EMAIL=${LETSENCRYPT_EMAIL} volumes: - ./data/web:/web:ro - ./data/conf/rspamd/dynmaps:/dynmaps:ro #- ./data/assets/ssl/:/etc/ssl/mail/:ro - mailcerts:/etc/ssl/mail/:ro - ./data/conf/nginx/:/etc/nginx/conf.d/:rw expose: - "${HTTP_PORT:-80}" #ports: # - "${HTTPS_BIND:-0.0.0.0}:${HTTPS_PORT:-443}:${HTTPS_PORT:-443}" # - "${HTTP_BIND:-0.0.0.0}:${HTTP_PORT:-80}:${HTTP_PORT:-80}" restart: always dns: - 172.622.1.254 dns_search: mailcow-network networks: mailcow-network: ipv4_address: 172.22.1.251 aliases: - nginx proxy-tier: # At the end of the docker-compse: networks: mailcow-network: driver: bridge enable_ipv6: true ipam: driver: default config: - subnet: 172.22.1.0/24 - subnet: fd4d:6169:6c63:6f77::/64 proxy-tier: external: name: nginx-proxy volumes: vmail-vol-1: mysql-vol-1: dkim-vol-1: redis-vol-1: rspamd-vol-1: postfix-vol-1: crypt-vol-1: mailcerts: driver_opts: type: none device: /opt/nextcloud-docker/.examples/proxy/certs/${MAILCOW_HOSTNAME} o: bind

所以我现在看到,他们有自己的nginx文件。 下一个部分(也可以在github回购,但我不能发布超过2个链接,谢谢!): 

 user www-data; events { worker_connections 768; } http { upstream backend { server app:9000; } include /etc/nginx/mime.types; default_type application/octet-stream; server { listen 80; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; root /var/www/html; client_max_body_size 10G; # 0=unlimited - set max upload size fastcgi_buffers 64 4K; gzip off; index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; rewrite ^/.well-known/carddav /remote.php/dav/ permanent; rewrite ^/.well-known/caldav /remote.php/dav/ permanent; location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ { deny all; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location / { rewrite ^/remote/(.*) /remote.php last; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ =404; } location ~ \.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.+)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice fastcgi_pass backend; fastcgi_intercept_errors on; } # Adding the cache control header for js and css files # Make sure it is BELOW the location ~ \.php(?:$|/) { block location ~* \.(?:css|js)$ { add_header Cache-Control "public, max-age=7200"; # Add headers to serve security related headers add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Robots-Tag none; add_header X-Download-Options noopen; add_header X-Permitted-Cross-Domain-Policies none; # Optional: Don't log access to assets access_log off; } # Optional: Don't log access to other assets location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ { access_log off; } # collabora static files location ^~ /loleaflet { proxy_pass https://collabora:9980; proxy_set_header Host $http_host; } # collabora WOPI discovery URL location ^~ /hosting/discovery { proxy_pass https://collabora:9980; proxy_set_header Host $http_host; } # collabora websockets, download, presentation and image upload location ^~ /lool { proxy_pass https://collabora:9980; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; } } }

这意味着,我已经错误地将容器名称作为fastcgi传递,而不是来自docker-compose :(。
但是,在*4 connect() failed (111: Connection refused) while connecting to upstream, client:导致*4 connect() failed (111: Connection refused) while connecting to upstream, client:

mailcow的部分(也可在github回购): 

 server { listen 8081; listen [::]:8081; index index.php index.html; server_name _; error_log /var/log/nginx/error.log; access_log /var/log/nginx/access.log; root /dynmaps; location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass phpfpm:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; } }

我现在不确定,是什么让我的服务器崩溃。 我所知道的是docker ps | grep 9000 docker ps | grep 9000输出这个: 

 4c04c978c4d5 nextcloud:fpm "/entrypoint.sh ph..." 8 minutes ago Up 7 minutes 9000/tcp nextcloud_fpm 9ff7a19d0253 mailcow/phpfpm:1.0 "/docker-entrypoin..." 2 days ago Up 2 days 9000/tcp mailcowdockerized_php-fpm-mailcow_1

我仍然认为,这使它崩溃。

nmap -p 9000 cloud.mydomain.com输出: 

 Starting Nmap 7.01 at 2017-09-09 09:14 CEST Nmap scan report for cloud.mydomain.com (ip) Host is up (0.029s latency). rDNS record for ip: mail.mydomain.com PORT STATE SERVICE 9000/tcp closed cslistener Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds

我不明白,这是什么意思,第一次使用nmap。