Comments (17)
undeflife
commented on September 17, 2024
3
最简单办法是直接将docker-compose里的nginx端口修改成其他端口,host nginx 反代过去即可,
下面提供一个不含 nginx 容器的方案,移除了docker-compose里的nginx后,将outline和 oicd 端口暴露出来,同时oicd的回调需要做出改动,否则会认证失败(env.oidc的内容修改更好的办法是用config.sh里的URL环境变量替换,而不是硬编码进去),最后将使用docker-compose里的nginx配置文件应用到host到nginx即可
config.sh 基本不改,URL 设置成你最后的访问地址如: https://wiki.example.com
之后做出如下改动,以下内容可以保存成patch,使用 git apply
diff --git a/Makefile b/Makefile
index cb7fb67..97091ca 100644
--- a/Makefile
+++ b/Makefile
@@ -7,13 +7,11 @@ gen-conf:
start:
${docker-compose} up -d
- cd ./scripts && bash ./main.sh reload_nginx
install: gen-conf start
sleep 1
${docker-compose} exec ${oidc_server_container} bash -c "make init"
${docker-compose} exec ${oidc_server_container} bash -c "python manage.py loaddata oidc-server-outline-client"
- cd ./scripts && bash ./main.sh reload_nginx
-
diff --git a/scripts/templates/docker-compose.yml b/scripts/templates/docker-compose.yml
index 1172931..fe8942f 100644
--- a/scripts/templates/docker-compose.yml
+++ b/scripts/templates/docker-compose.yml
@@ -58,6 +58,8 @@ services:
volumes:
- ./data/outline:/var/lib/outline/data
restart: always
+ ports:
+ - ${HTTP_IP}:${HTTP_PORT_IP}:3000
depends_on:
- wk-postgres
- wk-redis
@@ -73,26 +75,12 @@ services:
- ./data/uc/db:/app/db:z
- ./data/uc/static_root:/app/static_root:z
restart: always
+ ports:
+ - ${HTTP_IP}:8000:8000
env_file:
- ./env.oidc-server
networks:
- ${NETWORKS}
- wk-nginx:
- image: nginx
- ports:
- - ${HTTP_IP}:${HTTP_PORT_IP}:80
- volumes:
- - ./config/nginx/:/etc/nginx/conf.d/:ro
- - ./data/uc/static_root:/uc/static_root:ro
- restart: always
- depends_on:
-##BEGIN MINIO
- - wk-minio
-##END
- - wk-outline
- - wk-oidc-server
- networks:
- - ${NETWORKS}
-
diff --git a/scripts/templates/env.oidc b/scripts/templates/env.oidc
index 97bf153..7c66440 100644
--- a/scripts/templates/env.oidc
+++ b/scripts/templates/env.oidc
@@ -4,8 +4,8 @@
OIDC_CLIENT_ID=050984
OIDC_CLIENT_SECRET=
OIDC_AUTH_URI=
-OIDC_TOKEN_URI=http://wk-nginx/uc/oauth/token/
-OIDC_USERINFO_URI=http://wk-nginx/uc/oauth/userinfo/
+OIDC_TOKEN_URI=https://wiki.example.com/uc/oauth/token/
+OIDC_USERINFO_URI=https://wiki.example.com/uc/oauth/userinfo/
新增Nginx配置
server {
server_name wiki.example.com;
client_max_body_size 100m;
# Outline Wiki
location / {
include /etc/nginx/conf.d/include/proxy.conf;
proxy_pass http://127.0.0.1:3000;
}
# Static file FOR OIDC Server
location /uc/static {
alias /uc/static_root;
}
# OIDC Server
location /uc {
include /etc/nginx/conf.d/include/proxy.conf;
proxy_set_header SCRIPT_NAME /uc;
proxy_pass http://127.0.0.1:8000;
}
from outline-docker-compose.
firer1946
commented on September 17, 2024
1
#8 (comment) 写错了,也是8888
scripts/config.sh URL改为了
URL=http://xxx.xxx.comNginx
server{ listen 80; server_name xxx.xxx.com; index index.php index.html index.htm; add_header Strict-Transport-Security "max-age=31536000; preload"; client_max_body_size 20m; location / { proxy_pass http://127.0.0.1:8888; # 转发规则 proxy_set_header Host $host; # 修改转发请求头,让8080端口的应用可以受到真实的请求 proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; #此处配置 上面定义的变量 proxy_set_header Connection $connection_upgrade; } location /realtime { proxy_pass http://127.0.0.1:8888/realtime; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_read_timeout 86400; } }Nginx正常,outline访问还是502,oidc账户后台访问正常。麻烦看看哪里出了问题?谢谢
那看下outline的容器报错没有(使用docker logs <container_id>),新版本可能需要增加些配置; 有必要的话可以把outline的3000端口暴露出来试试
from outline-docker-compose.
vicalloy
commented on September 17, 2024
使用 proxy_pass http://127.0.0.1:8888/
设置里面 URL= 换成你实际访问的outline所使用的URL。
from outline-docker-compose.
garywu520
commented on September 17, 2024
使用
proxy_pass http://127.0.0.1:8888/设置里面URL=换成你实际访问的outline所使用的URL。
访问502
from outline-docker-compose.
vicalloy
commented on September 17, 2024
URL= 说的是 config.sh 里的设置。
from outline-docker-compose.
garywu520
commented on September 17, 2024
是的,我的设置
cat scripts/config.sh
URL=https://xxx.xxx.xxx
ALLOWED_DOMAINS=xxx.xxx.xxx
访问502
from outline-docker-compose.
garywu520
commented on September 17, 2024
我把需求再描述下:
我想部署到VPS上,而VPS只有一个内网IP,公网IP是后台绑定的,但机器上并没有这个网卡。这种情况下,我如何调整参数?谢谢
from outline-docker-compose.
molezz
commented on September 17, 2024
我也是vps, 如何用域名登录?现在这样可以访问,但提示“Redirect URI Error”
# The url used to vist this web site.
URL=http://xxx.com:8080
# Nginx
HTTP_IP=0.0.0.0
HTTP_PORT_IP=8080
from outline-docker-compose.
ahmadbelb
commented on September 17, 2024
I am having the same issue did you manage to solve it ?
from outline-docker-compose.
throrin19
commented on September 17, 2024
Same problem here, Impossible to connect to outline (502 error) but the django administation panel is available
from outline-docker-compose.
vicalloy
commented on September 17, 2024
Same problem here, Impossible to connect to outline (502 error) but the django administation panel is available
Outline's image don't support ARM platform. If you use ARM, you should build outline's image by youself.
from outline-docker-compose.
firer1946
commented on September 17, 2024
如下,忘记是参考的哪里了
server{
listen 80;
server_name domain.com;
index index.php index.html index.htm;
add_header Strict-Transport-Security "max-age=31536000; preload";
client_max_body_size 20m;
location / {
proxy_pass http://127.0.0.1:8888; # 转发规则
proxy_set_header Host $host; # 修改转发请求头,让8080端口的应用可以受到真实的请求
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; #此处配置 上面定义的变量
proxy_set_header Connection $connection_upgrade;
}
location /realtime {
proxy_pass http://127.0.0.1:8888/realtime;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_read_timeout 86400;
}
}scripts/config.sh 中URL也需要改为对应域名
from outline-docker-compose.
garywu520
commented on September 17, 2024
如下,忘记是参考的哪里了
server{ listen 80; server_name domain.com; index index.php index.html index.htm; add_header Strict-Transport-Security "max-age=31536000; preload"; client_max_body_size 20m; location / { proxy_pass http://127.0.0.1:8889; # 转发规则 proxy_set_header Host $host; # 修改转发请求头,让8080端口的应用可以受到真实的请求 proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; #此处配置 上面定义的变量 proxy_set_header Connection $connection_upgrade; } location /realtime { proxy_pass http://127.0.0.1:8888/realtime; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_read_timeout 86400; } }
scripts/config.sh中URL也需要改为对应域名
8889是什么服务端口?我这里没这个端口监听,只有一个8888
from outline-docker-compose.
firer1946
commented on September 17, 2024
如下,忘记是参考的哪里了
server{ listen 80; server_name domain.com; index index.php index.html index.htm; add_header Strict-Transport-Security "max-age=31536000; preload"; client_max_body_size 20m; location / { proxy_pass http://127.0.0.1:8889; # 转发规则 proxy_set_header Host $host; # 修改转发请求头,让8080端口的应用可以受到真实的请求 proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; #此处配置 上面定义的变量 proxy_set_header Connection $connection_upgrade; } location /realtime { proxy_pass http://127.0.0.1:8888/realtime; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_read_timeout 86400; } }
scripts/config.sh中URL也需要改为对应域名8889是什么服务端口?我这里没这个端口监听,只有一个8888
写错了,也是8888
from outline-docker-compose.
garywu520
commented on September 17, 2024
#8 (comment) 写错了,也是8888
scripts/config.sh
URL改为了
URL=http://xxx.xxx.com
Nginx
server{
listen 80;
server_name xxx.xxx.com;
index index.php index.html index.htm;
add_header Strict-Transport-Security "max-age=31536000; preload";
client_max_body_size 20m;
location / {
proxy_pass http://127.0.0.1:8888; # 转发规则
proxy_set_header Host $host; # 修改转发请求头,让8080端口的应用可以受到真实的请求
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; #此处配置 上面定义的变量
proxy_set_header Connection $connection_upgrade;
}
location /realtime {
proxy_pass http://127.0.0.1:8888/realtime;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_read_timeout 86400;
}
}
Nginx正常,outline访问还是502,oidc账户后台访问正常。麻烦看看哪里出了问题?谢谢
from outline-docker-compose.
fengwang
commented on September 17, 2024
能否提供一个不带 nginx 的版本?
from outline-docker-compose.
YKDZ
commented on September 17, 2024
按照 @undeflife 的方法对脚本部分内容进行修改后,使用以下 Nginx 配置达成正常使用 SSL 进行连接和登录等:
server {
listen 443 ssl;
server_name docs.xxxx.cn;
ssl_certificate xxxx.crt;
ssl_certificate_key xxxx.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
index index.php index.html index.htm;
add_header Strict-Transport-Security "max-age=31536000; preload";
client_max_body_size 120m;
location / {
proxy_pass http://127.0.0.1:8888;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
location /uc/static {
alias /uc/static_root;
}
location /uc {
proxy_set_header SCRIPT_NAME /uc;
proxy_pass http://127.0.0.1:8000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
add_header X-Cache $upstream_cache_status;
add_header Cache-Control no-cache;
expires -1;
}
}
2024.02.14
把这段直接放在长亭雷池后面失败了,不知道如何修改。
from outline-docker-compose.
Related Issues (20)
- Can't increase upload size beyond 200ish MB
- export all file error HOT 4
- I cant edit notes HOT 12
- failed to export all files 导出所有文件失败 HOT 4
- Unable to Expose to 0.0.0.0 HOT 10
- 使用nginx proxy manager 反代后页面空白 HOT 8
- Make install with "Waiting for nginx" HOT 4
- Refused to fetch content from '<DOMAIN>:443/static/assets/index-3a79bbc9.js' because it violates the following Content Security Policy directive: "default-src 'self' <DOMAIN>:443".
- Backing up data? HOT 2
- 无法设置用户超时
- Multiple Wike HOT 2
- Authentication failed – we were unable to sign you in at this time. Please try again. HOT 5
- Deploy issue
- oidc
- Import markdown .ZIP failed HOT 2
- Reverse Proxy on Cloudflare? HOT 2
- Unable to Upload Files HOT 2
- Authentication Failed After Log Out Through Outline HOT 3
- Unable to Type in Document Until Page Reload
- Other Members Unable to View Document Contents
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from outline-docker-compose.