首先,我已經在serverfault上提出了同樣的問題,但它似乎並沒有引起太多的關注,因此轉發到這裏。如果這在概念上是錯誤的,請讓我知道,我會很樂意採取建議的行動。如何讓Ruby註銷鏈接在nginx反向代理環境中工作
我有幾個內部Web服務,redmine服務器是準確的,我想暴露給其他子網和通過互聯網。我相信架構的VirtualBox/docker方面並不直接相關,因爲所有鏈接和端口轉發似乎都可以工作,但這裏是網絡的樣子。
Router/external-dynamic-ip/ddns-hostname:8090 ->
Lan Host/192.168.0.6/10.0.2.2:8090 -> VirtualBox/10.0.2.15
vbox:8090 -> docker-nginx(NAT)/172.17.0.6:80
vbox:8080 -> docker-redmine-tech(NAT)/172.17.0.4:3000
vbox:8081 -> docker-redmine-tech(NAT)/172.17.0.5:3000
與下面的nginx的配置,我可以通過網絡瀏覽器在不同的機器上訪問在局域網上的碼頭工人,管理平臺的高科技服務爲http://192.168.0.6:8090/tech/。首頁,圖像,腳本和登錄後的所有導航似乎工作得很好,地址欄基本URL始終保持爲http://192.168.0.6:8090/tech/,因此,重定向對用戶是不可見的。
http {
include /etc/nginx/mime.types;
log_format upstreamlog '[$time_local] $request_uri $http_referer $http_host $host $server_port $proxy_host $proxy_port $remote_addr - $remote_user - $server_name to: $upstream_addr $http_x_forwarded_for: $status/upstream $upstream_status $request upstream_response_time $upstream_response_time msec $msec request_time $request_time body: $request_body';
access_log /var/log/nginx/access.log upstreamlog;
error_log /var/log/nginx/error.log debug;
rewrite_log on;
underscores_in_headers on;
upstream redmine-tech {
server 10.0.2.15:8080;
}
server {
listen 80 default_server;
location /tech/ {
proxy_set_header Host $http_host/tech;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
add_header Pragma "no-cache";
add_header Cache-Control "no-cache";
proxy_pass http://redmine-tech/;
sub_filter 'action="/' 'action="/tech/';
sub_filter 'href="/' 'href="/tech/';
sub_filter 'src="/' 'src="/tech/';
sub_filter_once off;
}
}
}
redmine網頁似乎使用相對URL,因此sub_filter重寫。這並不會破壞像http://www.redmine.org/guide這樣的絕對網址。
到目前爲止這麼好。我唯一的問題是logout。當我登出時,這需要我到http://192.168.0.6,但我希望在http://192.168.0.6:8090/tech/而不是。
註銷形式的html代碼是
<form action="/tech/logout" accept-charset="UTF-8" method="post"><input name="utf8" type="hidden" value="✓" /><input type="hidden" name="authenticity_token" value="cJAHHZxZ0ddFKXSz+vzDze3N4V3yhcxfH/bM0u2IcZJXpsnBBpAr9I4v8U9yLopSpra3WkhB4oOMIqgM7iXE9w==" />
這是擊中logout後nginx的日誌。
[08/Nov/2016:13:41:23 +0000] /tech/logout http://192.168.0.6:8090/tech/logout 192.168.0.6:8090 192.168.0.6 80 redmine-tech 80 10.0.2.2 - - - to: 10.0.2.15:8080 -: 302/upstream 302 POST /tech/logout HTTP/1.1 upstream_response_time 0.011 msec 1478612483.524 request_time 0.011 body: _method=post&authenticity_token=Hb1wtuM6oSTWbgTG%2B2Ldr%2BXZZYbv6awGzDIFa7vkv6xqQDvRtuWAnCr4vDrb1SpQP8kl6qVvcuP03LGY%2ByX9rQ%3D%3D
我使用的管理平臺與Ruby on Rails的和/logout鏈接似乎是由紅寶石已經產生了汽車。該find . -name "*.rb" -exec grep -Hn "You are being" {} \;搜索返回以下結果
./usr/local/bundle/gems/actionpack-4.2.7.1/lib/action_dispatch/routing/redirection.rb:40: body = %(<html><body>You are being <a href="#{ERB::Util.unwrapped_html_escape(uri.to_s)}">redirected</a>.</body></html>)
./usr/local/bundle/gems/actionpack-4.2.7.1/lib/action_controller/metal/redirecting.rb:76: self.response_body = "<html><body>You are being <a href=\"#{ERB::Util.unwrapped_html_escape(location)}\">redirected</a>.</body></html>"
我不知道這rb文件實際上在這種情況下運行,但似乎這是URI /位置轉換,其不順心,我不明白爲什麼。也許POST需要另一個http頭設置在nginx conf中,但登錄/搜索/註冊新帳戶等形式工作正常,也使用`POST。
我不知道,如果捲曲聲明curl -i http://192.168.0.6:8090/tech/logout -H "Host: 192.168.0.6"是有意義的,因爲我不能追加港口和/tech/爲我在nginx的的conf proxy_set_header Host $http_host/tech;做主持人現場但這是輸出
HTTP/1.1 302 Found
Server: nginx/1.11.5
Date: Tue, 08 Nov 2016 13:20:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: http://192.168.0.6/tech/
Cache-Control: no-cache
X-Request-Id: 66707620-ebd2-4c66-af9f-3ba6633d5e7d
X-Runtime: 0.003215
Pragma: no-cache
Cache-Control: no-cache
<html><body>You are being <a href="http://192.168.0.6/tech/">redirected</a>.</body></html>
所以,我希望有人能提供一些啓發,並非常感謝你。