根据官方文档设置的反向代理
基本功能可用,到了web终端时就出现了404的问题
清除浏览器缓存,退出登录,重新登录一下
可以试试清理缓存
明显你写的反代有问题啊,从web终端跳koko组件的时候,反代配置发出来看看
章鱼哥说的太对了
复制的文档中的 推荐部署 ssl 使用更安全的 https 协议访问
中443的部分
server {
listen 18300 ssl http2;
server_name sg.xxx.com; # 自行修改成你的域名
ssl_certificate /root/.acme.sh/*.xxx.com_ecc/fullchain.cer;
ssl_certificate_key /root/.acme.sh/*.xxx.com_ecc/*.xxx.com.key;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=63072000" always;
client_max_body_size 4096m; # 录像及文件上传大小限制
location / {
proxy_pass http://127.0.0.1:18301;
proxy_http_version 1.1;
proxy_buffering off;
proxy_request_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
# 版本号可以自己根据项目的版本修改
VERSION=v3.10.6
# 构建参数, 支持 amd64
TARGETARCH=arm64
# Compose
COMPOSE_PROJECT_NAME=jms
# COMPOSE_HTTP_TIMEOUT=3600
# DOCKER_CLIENT_TIMEOUT=3600
DOCKER_SUBNET=172.21.0.0/24
# 持久化存储
VOLUME_DIR=/docker/jumpserver_data
# MySQL
DB_HOST=mysql
DB_PORT=3306
DB_USER=jumpserver
DB_PASSWORD=xxxxx
DB_NAME=jumpserver
# Redis
REDIS_HOST=redis
REDIS_PORT=6379
REDIS_PASSWORD=xxxxx
# Core
SECRET_KEY=xxxxx
BOOTSTRAP_TOKEN=xxxxx
# DEBUG=FALSE
LOG_LEVEL=ERROR
DOMAINS=sg.xxx.com:18300
# Web
HTTP_PORT=18301
SSH_PORT=22223
MAGNUS_MYSQL_PORT=33061
MAGNUS_MARIADB_PORT=33062
MAGNUS_REDIS_PORT=63790
哦,明白了,不支持。http和https端口用80和443吧
443还有nginx服务在用,对着文档配二级代理也配置不成功,404的更厉害了
https://sg.xxx.com/jms/
被跳转到了
https://sg.xxx.com/ui/#/jms/
location /jms {
proxy_pass http://127.0.0.1:18301;
rewrite "/jms/(.*)$" /$1 break;
proxy_http_version 1.1;
proxy_buffering off;
proxy_request_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect ~^/(.*) https://$http_host/jms/$1;
sub_filter_types *;
sub_filter_once off;
sub_filter '/static/' '/jms\/static/';
sub_filter '/ui/' '/jms/';
sub_filter '/api/' '/jms/api/';
sub_filter '/core/' '/jms/core/';
sub_filter '/ws/notifications/' '/jms/ws/notifications/';
sub_filter '/luna/' '/jms/luna/';
sub_filter '/koko/' '/jms/koko/';
sub_filter '/lion' '/jms/lion';
sub_filter '/media/' '/jms/media/';
sub_filter '/omnidb/' '/jms/omnidb/';
}
因为后面组件要跳转的,所以,要不你分出去吧,别跟这台nginx做一起了
我现在修改了反代配置,在同一个服务器里用2个不同的域名分别监听443,现在打开是正常了