标签:openssl+nginx反向代理 seafile服务器使用443端口 反向代理8000端口
Centos 7 部署Seafile+Nginx
我们之前简单部署了Seafile服务器,如今在Seafile的基础上使用Openssl+Nginx反向代理8000端口部署。
82 cd /usr/src
84 wget https://www.openssl.org/source/openssl-1.1.0c.tar.gz
85 wget http://nginx.org/download/nginx-1.10.2.tar.gz
86 tar xzf nginx-1.10.2.tar.gz && mv nginx-1.10.2.tar.gz ~
87 tar xzf openssl-1.1.0c.tar.gz && mv openssl-1.1.0c.tar.gz ~
89 cd nginx-1.10.2
90 ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-openssl=/usr/src/openssl-1.1.0c --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-mail --with-mail_ssl_module --with-file-aio --with-http_v2_module --with-ipv6
92 make && make install
94 useradd -s /sbin/nologin -M nginx
95 mkdir -p /var/cache/nginx/
98 openssl genrsa -out privkey.pem 2048
99 openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 /*按回车后可以随便填写内容*/
101 vi /etc/nginx/nginx.conf /*按回车后注释以下内容-并添加内容*/
/*注释内容如下*/
# server {
# listen 80;
# server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# root html;
# index index.html index.htm;
# }
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# root html;
# }
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache‘s document root
# concurs with nginx‘s one
#
#location ~ /\.ht {
# deny all;
#}
# }
/*添加内容如下*/
server {
listen 80;
server_name seafile.abc.com; #自己的域名
rewrite ^ https://$http_host$request_uri? permanent; #强制将http重定向到https
}
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/cacert.pem; #cacert.pem 文件路径
ssl_certificate_key /etc/ssl/privkey.pem; #privkey.pem 文件路径
server_name seafile.abc.com; #自己的域名
proxy_set_header X-Forwarded-For $remote_addr;
location / {
fastcgi_pass 127.0.0.1:8000; #端口号
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
access_log /var/log/nginx/seahub.access.log;
error_log /var/log/nginx/seahub.error.log;
}
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
client_max_body_size 0;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
}
location /media {
root /home/cloud/seafile-server-latest/seahub; #seahub路径
}
}
123 nginx -c /etc/nginx/nginx.conf
124 ./seafile.sh start
125 ./seahub.sh start-fastcgi
访问WEB:https://192.168.88.10/ /*如果提示404请重启服务器且执行123,124,125步骤*/
admin_User:abc@abc.com
psk:abc
本文出自 “XnNetBlog” 博客,请务必保留此出处http://xnnet.blog.51cto.com/12795469/1927437
标签:openssl+nginx反向代理 seafile服务器使用443端口 反向代理8000端口
原文地址:http://xnnet.blog.51cto.com/12795469/1927437