Traefik:使用 Nginx 为 Django 应用程序提供静态内容
Traefik: Serve static content with Nginx for a Django Application
目前我正在尝试 运行 在我的服务器上编写一个 docker-compose 文件,我将在其中 运行 使用 traefik 和 gunicorn 的 django 应用程序。我目前的配置如下:
version: '3'
services:
web:
build:
context: ./src
dockerfile: dockerfiles-stage/Dockerfile
command: gunicorn core.wsgi:application --workers 2 --threads 2 --bind 0.0.0.0:8000
volumes:
- static_volume:/code/static
- ./src/logs/main/:/code/logs/
expose:
- 8000
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.rule=Host(`mk.getalice.ai`)"
- "traefik.http.routers.web.entrypoints=websecure"
- "traefik.http.routers.web.tls.certresolver=myhttpchallenge"
depends_on:
- db
- mongo
- redis
traefik:
image: "traefik:v2.0.0-rc3"
container_name: "traefik"
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myhttpchallenge.acme.email=kmehran.1106@gmail.com"
- "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8000:8000"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
depends_on:
- web
db:
image: postgres:11.5-alpine
volumes:
- postgres_data:/var/lib/postgresql/data/
environment:
- POSTGRES_USER=misfit
- POSTGRES_PASSWORD=3210
- POSTGRES_DB=alice
ports:
- 5434:5432
redis:
image: redis:alpine
ports:
- 6379:6379
volumes:
- redis_data:/var/lib/redis/data/
mongo:
image: mongo
environment:
- MONGO_INITDB_ROOT_USERNAME=misfit
- MONGO_INITDB_ROOT_PASSWORD=3210
ports:
- 27018:27017
volumes:
- mongo_data:/var/lib/mongodb/data/
volumes:
static_volume: {}
postgres_data: {}
mongo_data: {}
redis_data: {}
现在这适用于我的 API,但我想通过 swagger 文档检查我的 API 并访问我的 django 管理仪表板。在那种情况下,它不起作用,这是预期的,因为 traefik 仅用于反向代理。为此,我在 github 问题中发现为 Nginx 创建一个新容器并使用它来为我的静态文件提供服务。这里我运行分几个问题。
我在 Whosebug 中检查了另一个 post 并尝试使用该解决方案
# compose service
nginx:
image: nginx:1.15-alpine
restart: always
volumes:
- static_volume:/code/static
- ./nginx/traefik/default.conf:/etc/nginx/conf.d/default.conf
labels:
- "traefik.enable=true"
- "traefik.backend=nginx"
- "traefik.frontend.rule=Host:mk.getalice.ai;PathPrefix:/static"
- "traefik.port=80"
# conf file
server {
listen 80;
server_name _;
client_max_body_size 200M;
set $cache_uri $request_uri;
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; }
ignore_invalid_headers on;
add_header Access-Control-Allow_Origin *;
location /static {
autoindex on;
alias /code/static;
}
location /media {
autoindex on;
alias /code/media;
}
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
}
这没有用,我仍然看不到静态文件。
我还尝试了另一种解决方案来尝试浏览文档,但这个解决方案也搞砸了我的 API 服务(网络)。
nginx:
image: nginx:1.15-alpine
container_name: nginx_static
restart: always
volumes:
- static_volume:/static
- ./nginx/traefik/default.conf:/etc/nginx/conf.d/default.conf
labels:
- "traefik.enable=true"
- "traefik.http.routers.static.rule=Host(`mk.getalice.ai`)"
- "traefik.http.middlewares.static.addprefix.prefix=/static"
- "traefik.http.routers.static.entrypoints=websecure"
如有任何帮助,我们将不胜感激!谢谢!
我通读了文档,并且能够弄清楚如何使用 Traefik v2.0 执行此操作。我的 docker-compose 文件是这样的。
version: '3'
services:
traefik: # basic traefik configuration from docs with tls challenge config
image: traefik:v2.0
container_name: traefik
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
- "--certificatesresolvers.mytlschallenge.acme.email=mehran@misfit.tech"
- "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
ports:
- 80:80
- 443:443
- 8080:8080
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./letsencrypt:/letsencrypt
depends_on:
- app
app: # my app config. this will be different depending on your dockerfile
build:
context: ./src
dockerfile: dockerfiles-stage/Dockerfile
container_name: app
command: gunicorn core.wsgi:application --workers 2 --threads 2 --bind 0.0.0.0:8000
entrypoint: /code/dockerfiles-stage/entrypoint.sh
volumes:
- static_volume:/code/static
- ./src/logs/main/:/code/logs/
ports:
- 8000:8000
labels: # redirecting http to https and defining routers and using tcl certresolver
- "traefik.enable=true"
- "traefik.http.middlewares.redirect-https.redirectscheme.scheme=https"
- "traefik.http.routers.app-http.entrypoints=web"
- "traefik.http.routers.app-http.rule=Host(`mk.getalice.ai`)"
- "traefik.http.routers.app-http.middlewares=redirect-https@docker"
- "traefik.http.routers.app-https.rule=Host(`mk.getalice.ai`)"
- "traefik.http.routers.app-https.entrypoints=websecure"
- "traefik.http.routers.app-https.tls.certresolver=mytlschallenge"
nginx: # nginx to serve static files
image: nginx:1.15-alpine
container_name: nginx
restart: always
volumes:
- ./traefik-files/nginx.conf:/etc/nginx/conf.d/default.conf
- static_volume:/static
labels: # route defined to handle specific rule and enabling tls certresolver
- "traefik.enable=true"
- "traefik.http.routers.static-http.entrypoints=websecure"
- "traefik.http.routers.static-http.rule=Host(`mk.getalice.ai`) && PathPrefix(`/static`)"
- "traefik.http.routers.static-http.tls.certresolver=mytlschallenge"
depends_on:
- app
目前我正在尝试 运行 在我的服务器上编写一个 docker-compose 文件,我将在其中 运行 使用 traefik 和 gunicorn 的 django 应用程序。我目前的配置如下:
version: '3'
services:
web:
build:
context: ./src
dockerfile: dockerfiles-stage/Dockerfile
command: gunicorn core.wsgi:application --workers 2 --threads 2 --bind 0.0.0.0:8000
volumes:
- static_volume:/code/static
- ./src/logs/main/:/code/logs/
expose:
- 8000
labels:
- "traefik.enable=true"
- "traefik.http.routers.web.rule=Host(`mk.getalice.ai`)"
- "traefik.http.routers.web.entrypoints=websecure"
- "traefik.http.routers.web.tls.certresolver=myhttpchallenge"
depends_on:
- db
- mongo
- redis
traefik:
image: "traefik:v2.0.0-rc3"
container_name: "traefik"
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge=true"
- "--certificatesresolvers.myhttpchallenge.acme.httpchallenge.entrypoint=web"
- "--certificatesresolvers.myhttpchallenge.acme.email=kmehran.1106@gmail.com"
- "--certificatesresolvers.myhttpchallenge.acme.storage=/letsencrypt/acme.json"
ports:
- "80:80"
- "443:443"
- "8000:8000"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
depends_on:
- web
db:
image: postgres:11.5-alpine
volumes:
- postgres_data:/var/lib/postgresql/data/
environment:
- POSTGRES_USER=misfit
- POSTGRES_PASSWORD=3210
- POSTGRES_DB=alice
ports:
- 5434:5432
redis:
image: redis:alpine
ports:
- 6379:6379
volumes:
- redis_data:/var/lib/redis/data/
mongo:
image: mongo
environment:
- MONGO_INITDB_ROOT_USERNAME=misfit
- MONGO_INITDB_ROOT_PASSWORD=3210
ports:
- 27018:27017
volumes:
- mongo_data:/var/lib/mongodb/data/
volumes:
static_volume: {}
postgres_data: {}
mongo_data: {}
redis_data: {}
现在这适用于我的 API,但我想通过 swagger 文档检查我的 API 并访问我的 django 管理仪表板。在那种情况下,它不起作用,这是预期的,因为 traefik 仅用于反向代理。为此,我在 github 问题中发现为 Nginx 创建一个新容器并使用它来为我的静态文件提供服务。这里我运行分几个问题。
我在 Whosebug
# compose service
nginx:
image: nginx:1.15-alpine
restart: always
volumes:
- static_volume:/code/static
- ./nginx/traefik/default.conf:/etc/nginx/conf.d/default.conf
labels:
- "traefik.enable=true"
- "traefik.backend=nginx"
- "traefik.frontend.rule=Host:mk.getalice.ai;PathPrefix:/static"
- "traefik.port=80"
# conf file
server {
listen 80;
server_name _;
client_max_body_size 200M;
set $cache_uri $request_uri;
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; }
ignore_invalid_headers on;
add_header Access-Control-Allow_Origin *;
location /static {
autoindex on;
alias /code/static;
}
location /media {
autoindex on;
alias /code/media;
}
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
}
这没有用,我仍然看不到静态文件。
我还尝试了另一种解决方案来尝试浏览文档,但这个解决方案也搞砸了我的 API 服务(网络)。
nginx:
image: nginx:1.15-alpine
container_name: nginx_static
restart: always
volumes:
- static_volume:/static
- ./nginx/traefik/default.conf:/etc/nginx/conf.d/default.conf
labels:
- "traefik.enable=true"
- "traefik.http.routers.static.rule=Host(`mk.getalice.ai`)"
- "traefik.http.middlewares.static.addprefix.prefix=/static"
- "traefik.http.routers.static.entrypoints=websecure"
如有任何帮助,我们将不胜感激!谢谢!
我通读了文档,并且能够弄清楚如何使用 Traefik v2.0 执行此操作。我的 docker-compose 文件是这样的。
version: '3'
services:
traefik: # basic traefik configuration from docs with tls challenge config
image: traefik:v2.0
container_name: traefik
command:
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
- "--certificatesresolvers.mytlschallenge.acme.email=mehran@misfit.tech"
- "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"
ports:
- 80:80
- 443:443
- 8080:8080
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./letsencrypt:/letsencrypt
depends_on:
- app
app: # my app config. this will be different depending on your dockerfile
build:
context: ./src
dockerfile: dockerfiles-stage/Dockerfile
container_name: app
command: gunicorn core.wsgi:application --workers 2 --threads 2 --bind 0.0.0.0:8000
entrypoint: /code/dockerfiles-stage/entrypoint.sh
volumes:
- static_volume:/code/static
- ./src/logs/main/:/code/logs/
ports:
- 8000:8000
labels: # redirecting http to https and defining routers and using tcl certresolver
- "traefik.enable=true"
- "traefik.http.middlewares.redirect-https.redirectscheme.scheme=https"
- "traefik.http.routers.app-http.entrypoints=web"
- "traefik.http.routers.app-http.rule=Host(`mk.getalice.ai`)"
- "traefik.http.routers.app-http.middlewares=redirect-https@docker"
- "traefik.http.routers.app-https.rule=Host(`mk.getalice.ai`)"
- "traefik.http.routers.app-https.entrypoints=websecure"
- "traefik.http.routers.app-https.tls.certresolver=mytlschallenge"
nginx: # nginx to serve static files
image: nginx:1.15-alpine
container_name: nginx
restart: always
volumes:
- ./traefik-files/nginx.conf:/etc/nginx/conf.d/default.conf
- static_volume:/static
labels: # route defined to handle specific rule and enabling tls certresolver
- "traefik.enable=true"
- "traefik.http.routers.static-http.entrypoints=websecure"
- "traefik.http.routers.static-http.rule=Host(`mk.getalice.ai`) && PathPrefix(`/static`)"
- "traefik.http.routers.static-http.tls.certresolver=mytlschallenge"
depends_on:
- app