ccl*_*oyd 6 vpn nginx docker l2tp docker-compose
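I have an L2TP server set up with docker-compose, and nginx set up with certain hosts as hostnames, but when I try to connect, nginx reads the original IP rather than the IP proxied through the VPN.

Nginx shows x.x.x.x instead of a 192.168.x.x IP.

As a result, I get a 403 (forbidden) error when I try to connect from any remote IP that is not allowed, even while connected to the VPN, and even when the VPN gives me an IP like 192.168.43.12.

When I try network_mode: host for the VPN, it does not route any network traffic at all.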
docker-compose.yml:

    services:
      vpn:
        image: hwdsl2/ipsec-vpn-server
        restart: always
        env_file:
          - ../config/vpn/vpn.env
        ports:
          - "500:500/udp"
          - "4500:4500/udp"
          - "1701:1701/udp"
        privileged: true
        hostname: example.com
        volumes:
          - /lib/modules:/lib/modules:ro
      nginx:
        build: ../config/nginx
        restart: unless-stopped
        ports:
          - "80:80"
        network_mode: host
nginx site conf:

    server {
        listen *:80;
        server_name bt.example.com;
        index index.html;
        access_log /dev/stdout upstreamlog;
        error_log /dev/stderr debug;
        location / {
            allow 127.0.0.1;
            allow 192.168.0.0/16;
            #allow x.x.x.x; # one remote IP I want to allow, normally uncommented
            deny all;
            proxy_pass http://localhost:9091;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
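Added example, not part of the original question: a small Python model of how the allow/deny list in the question's `location /` block is evaluated (nginx checks the rules in order and the first match decides), which shows what address nginx must have seen when it answers 403. The function names and the `203.0.113.7` stand-in for the redacted `x.x.x.x` are assumptions made for this example.

```python
import ipaddress
import re

# Access rules copied from the question's `location /` block; the
# `allow x.x.x.x` line stays commented out, as posted.
LOCATION_RULES = """
allow 127.0.0.1;
allow 192.168.0.0/16;
#allow x.x.x.x; # one remote IP I want to allow, normally uncommented
deny all;
"""

RULE_RE = re.compile(r"^\s*(allow|deny)\s+([^;\s]+)\s*;")


def parse_rules(text):
    """Return [(action, network)] in file order; network is None for `all`."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line)  # commented-out directives do not match
        if not m:
            continue
        action, target = m.groups()
        net = None if target == "all" else ipaddress.ip_network(target, strict=False)
        rules.append((action, net))
    return rules


def decide(rules, client_ip):
    """Apply the rules in order; the first one that matches decides.

    Returns (allowed, matching_rule). A denied request is the 403 case.
    """
    addr = ipaddress.ip_address(client_ip)
    for action, net in rules:
        if net is None or addr in net:
            shown = "all" if net is None else str(net)
            return action == "allow", f"{action} {shown}"
    return True, "no rule matched"  # no access rule applies, request proceeds


if __name__ == "__main__":
    rules = parse_rules(LOCATION_RULES)
    # 192.168.43.12 is the VPN-assigned address from the question; the other
    # addresses are constructed samples (203.0.113.7 is a documentation range).
    for ip in ("192.168.43.12", "203.0.113.7", "127.0.0.1", "192.169.0.1"):
        allowed, rule = decide(rules, ip)
        print(f"{ip:15} -> {'pass' if allowed else '403'}  ({rule})")
```

Comparing the output with the client address in the access log tells you whether nginx matched the VPN-assigned address or the original public one.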