V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
Distributions
Ubuntu
Fedora
CentOS
中文资源站
网易开源镜像站
spr1ngs
V2EX  ›  Linux

nginx 反代 halo 8090 端口 +SSL,网站一会能访问一会不行

  •  
  •   spr1ngs · 2022-11-06 20:20:53 +08:00 · 1911 次点击
    这是一个创建于 750 天前的主题,其中的信息可能已经有所发展或是发生改变。
    这是 nginx 代码
    user nginx nginx;
    worker_processes 1;
    事件 {
    worker_connections 1024;
    }
    HTTP {
    include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server {
    listen 80; server_name www.xxxx.me; client_max_body_size 1024m; location / { proxy_set_header HOST $host; proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;









    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_pass http://127.0.0.1:8090;
    }
    error_page 500 502 503 504 /50x.html;

    location = /50x.html {
    root html;
    }


    }
    server {
    listen 443 SSL;

    server_name xxxx.me www.xxxxx.me;

    ssl_certificate /usr/local/nginx/cert/xxxx.me/cert1.pem;
    ssl_certificate_key /usr/local/nginx/cert/xxxx.me/privkey1.pem;
    ssl_session_timeout 5 米;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!空:!空:! MD5:!哎呀:! RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers;

    location / { proxy_set_header HOST $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;




    proxy_pass http://127.0.0.1:8090/;
    }
    }
    }
    7 条回复    2022-11-07 13:47:28 +08:00
    spr1ngs
        1
    spr1ngs  
    OP
       2022-11-06 20:22:51 +08:00
    为啥复制进去是对的 发出来就乱的?
    spr1ngs
        2
    spr1ngs  
    OP
       2022-11-06 20:31:08 +08:00
    user nginx nginx;
    worker_processes 1;
    events {
    worker_connections 1024;
    }
    http {
    include mime.types;
    default_type application/octet-stream;
    sendfile on;
    keepalive_timeout 65;
    server {
    listen 80;
    server_name www.rockylinux.me;
    client_max_body_size 1024m;
    location / {
    proxy_set_header HOST $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_pass http://127.0.0.1:8090;
    }
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    }
    server {
    listen 443 ssl;

    server_name rockylinux.me www.rockylinux.me;
    # 配置证书的源,已经存放在 /usr/local/nginx/conf/cert/下
    ssl_certificate /usr/local/nginx/cert/rockylinux.me/cert1.pem;
    ssl_certificate_key /usr/local/nginx/cert/rockylinux.me/privkey1.pem;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    location / {
    proxy_set_header HOST $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_pass http://127.0.0.1:8090/;
    }
    }
    }
    ysc3839
        3
    ysc3839  
       2022-11-06 21:12:21 +08:00 via Android
    @spr1ngs Markdown 格式,要发代码的话在开头和结尾两行单独写上 ```
    比如这样:
    ```
    代码
    ```
    PendingOni
        4
    PendingOni  
       2022-11-06 21:30:05 +08:00
    不打算一直走 https 重定向么?
    July1991
        5
    July1991  
       2022-11-07 08:57:44 +08:00
    这是我前 2 周搭建的,一切正常,需科学访问
    https://harley.xuanyuanhuangdi.org/

    配置如下,一开始我也有乱码情况,nginx 是 lnmp 脚本生成的,需要注射调#的内容就正常了:

    <pre>
    upstream halo {
    server 127.0.0.1:8090;
    }

    server
    {
    listen 80;
    #listen [::]:80;
    server_name harley.xuanyuanhuangdi.org ;
    index index.html index.htm index.php default.html default.htm default.php;
    root /home/wwwroot/harley.xuanyuanhuangdi.org;

    #include rewrite/none.conf;
    #error_page 404 /404.html;

    # Deny access to PHP files in specific directory
    #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

    include enable-php.conf;

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
    expires 30d;
    }

    location ~ .*\.(js|css)?$
    {
    expires 12h;
    }

    location ~ /.well-known {
    allow all;
    }

    location ~ /\.
    {
    deny all;
    }

    location / {
    return 301 https://$host$request_uri;
    }

    access_log off;
    }

    server
    {
    listen 443 ssl http2;
    #listen [::]:443 ssl http2;
    server_name harley.xuanyuanhuangdi.org ;
    # index index.html index.htm index.php default.html default.htm default.php;
    # root /home/wwwroot/harley.xuanyuanhuangdi.org;

    ssl_certificate /usr/local/nginx/conf/ssl/harley.xuanyuanhuangdi.org/fullchain.cer;
    ssl_certificate_key /usr/local/nginx/conf/ssl/harley.xuanyuanhuangdi.org/harley.xuanyuanhuangdi.org.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TL$
    ssl_session_cache builtin:1000 shared:SSL:10m;
    # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
    ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

    # include rewrite/none.conf;
    #error_page 404 /404.html;

    # Deny access to PHP files in specific directory
    #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

    # include enable-php.conf;

    # location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    # {
    # expires 30d;
    # }

    # location ~ .*\.(js|css)?$
    # {
    # expires 12h;
    #}

    # location ~ /.well-known {
    # allow all;
    # }

    # location ~ /\.
    # {
    # deny all;
    # }

    location /shenfu1991 { #/ray 提供流量重定向功能,匹配转发翻墙流量,客户 $
    proxy_redirect off;
    proxy_pass http://127.0.0.1:10010;#翻墙流量转发给 10000 端口,v2ray 配>
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $http_host;
    }

    location / {
    proxy_pass http://halo;
    proxy_set_header HOST $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
    access_log off;
    }

    </pre>
    July1991
        6
    July1991  
       2022-11-07 09:00:10 +08:00
    @July1991 不小心把 v2 代理也贴上了。。。。忽略那段即可
    Foxkeh
        7
    Foxkeh  
       2022-11-07 13:47:28 +08:00
    看看 nginx 的日志 access.log 和 error.log 提示是什么原因呢?
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   1781 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 25ms · UTC 16:39 · PVG 00:39 · LAX 08:39 · JFK 11:39
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.