当在 Discourse 前面运行 NGINX 反向代理时,您无法登录到站点。提交凭据后,您会被重定向回索引页面,且没有建立会话。未显示任何错误,日志似乎表明登录已成功。
Creating scope :open. Overwriting existing method Poll.open.
Started GET "/" for 10.42.4.0 at 2021-10-05 14:24:41 +1300
Processing by ListController#latest as HTML
Rendered list/list.erb within layouts/application (Duration: 8.8ms | Allocations: 1141)
Rendered layout layouts/application.html.erb (Duration: 22.9ms | Allocations: 3194)
Completed 200 OK in 189ms (Views: 23.9ms | ActiveRecord: 0.0ms | Allocations: 21280)
Creating scope :open. Overwriting existing method Poll.open.
Started GET "/session/csrf" for 10.42.4.0 at 2021-10-05 14:24:52 +1300
Processing by SessionController#csrf as JSON
Completed 200 OK in 384ms (Views: 0.3ms | ActiveRecord: 0.0ms | Allocations: 5303)
Started POST "/session" for 10.42.4.0 at 2021-10-05 14:24:52 +1300
Processing by SessionController#create as */*
Parameters: {"login"=>"admin", "password"=>"[FILTERED]", "second_factor_method"=>"1", "timezone"=>"Pacific/Auckland"}
Completed 200 OK in 1043ms (Views: 0.3ms | ActiveRecord: 0.0ms | Allocations: 147364)
Started POST "/login" for 10.42.4.0 at 2021-10-05 14:24:54 +1300
Processing by StaticController#enter as HTML
Parameters: {"username"=>"admin", "password"=>"[FILTERED]", "redirect"=>"https://forum.test.financefeast.io/"}
Redirected to https://forum.test.financefeast.io/
Completed 302 Found in 3ms (ActiveRecord: 0.0ms | Allocations: 710)
Started GET "/" for 10.42.4.0 at 2021-10-05 14:24:54 +1300
Processing by ListController#latest as HTML
Rendered list/list.erb within layouts/application (Duration: 46.7ms | Allocations: 11808)
Rendered layout layouts/application.html.erb (Duration: 308.6ms | Allocations: 53646)
Completed 200 OK in 1123ms (Views: 311.1ms | ActiveRecord: 0.0ms | Allocations: 167190)
在不使用 NGINX 反向代理的情况下测试 Discourse,登录正常。是否有针对 NGINX 的特定配置来解决此问题?
以下是 NGINX 配置文件:
server {
listen 80;
server_tokens off;
server_name forum.test.financefeast.io;
location / {
return 301 https://$host$request_uri;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 30m;
add_header Pragma public;
add_header Cache-Control "public";
}
}
server {
ssl_certificate /etc/nginx/certs/test.financefeast.io-bundle.crt;
ssl_certificate_key /etc/nginx/certs/test.financefeast.io.key;
listen 443 ssl;
server_name forum.test.financefeast.io;
location / {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_buffers 8 32k;
proxy_buffer_size 64k;
proxy_pass https://kube_lb;
}
}