Nginx 反向代理

docker-compose.yml

version: '3.8'

services:
  nginx:
    container_name: "nginx"
    image: nginx:1.21.0
    restart: unless-stopped
    #privileged: true
    volumes:
      - ./data/nginx.conf:/etc/nginx/nginx.conf
      - ./data/conf.d:/etc/nginx/conf.d
      - ./data/html:/usr/share/nginx/html
      - ./data/logs:/var/log/nginx
      - /www/certbot/data/letsencrypt:/etc/letsencrypt
    networks: [ghost_net]
    ports:
      - "80:80"
      - "443:443"
    environment:
      - NGINX_HOST=nginx.atibm.com
      - NGINX_PORT=80

networks:
  ghost_net:
    external: true

nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '\$remote_addr - \$remote_user [\$time_local] "\$request" '
                      '\$status \$body_bytes_sent "\$http_referer" '
                      '"\$http_user_agent" "\$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

conf.d/trilium.conf

# redirect all http traffic to https
server {
    listen 80;
    server_name trilium.atibm.com;
    # google adsense ads.txt
    location /ads.txt {
        alias /usr/share/nginx/html/trilium/ads.txt;
    }
    location /robots.txt {
        alias /usr/share/nginx/html/trilium/robots.txt;
    }
    return 301 https://$host$request_uri;
}
# defined trilium.atibm.com 443
server {
    listen 443 ssl;
    server_name trilium.atibm.com;
    ssl_certificate     /etc/letsencrypt/live/ghost.atibm.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/ghost.atibm.com/privkey.pem;
    access_log  /var/log/nginx/trilium-access.log;
    error_log   /var/log/nginx/trilium-error.log;
    location /ads.txt {
        alias /usr/share/nginx/html/trilium/ads.txt;
    } 
    location /robots.txt {
        alias /usr/share/nginx/html/trilium/robots.txt;
    }
    location / {
        proxy_pass       http://trilium:8080;
        proxy_http_version 1.1;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_connect_timeout      150;
        proxy_send_timeout         100;
        proxy_read_timeout         100;
        proxy_buffers              4 32k;
        client_max_body_size       10m;
        client_body_buffer_size    128;    
    }
}