Plesk 12.5 Nginx 代理将 SSL 传递给不同端口上的 Node 应用程序
Plesk 12.5 Nginx proxy pass SSL to Node app on different port
前言:尝试为 Plesk 安装 JXCore 的节点扩展,但无法正常工作。给我一些错误,他们的支持是不回复电子邮件......
[IP 地址] = 真实 IP,example.com = 真实域名
无论如何,我有我的 nodejs 应用程序和 运行 一个 SSL 证书。如果我转到 https://example.com:3000,工作正常,这是我用于 Node.js 的端口。 SSL证书加载全绿,一切正常。
我正在使用 Plesk 12.5,并且已经安装了 Nginx。 .conf 文件位于 /var/www/vhosts/[domain]/conf/nginx.conf.
顶部写着:
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
他们不是在开玩笑。对此文件所做的任何更改几乎会立即被覆盖。
完整文件内容如下:
server {
listen [IP ADDRESS]:443 ssl;
server_name example.com;
server_name www.example.com;
server_name ipv4.example.com;
ssl_certificate /usr/local/psa/var/certificates/cert-HREdQ9;
ssl_certificate_key /usr/local/psa/var/certificates/cert-HREdQ9;
ssl_client_certificate /usr/local/psa/var/certificates/cert-wpX6q1;
client_max_body_size 128m;
root "/var/www/vhosts/msgable.com/httpdocs";
access_log "/var/www/vhosts/system/example.com/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/example.com/logs/proxy_error_log";
location / {
proxy_pass https://[IP ADDRESS]:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location @fallback {
proxy_pass https://[IP ADDRESS]:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location ~ ^/plesk-stat/ {
proxy_pass https://[IP ADDRESS]:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location ~ ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip))$ {
try_files $uri @fallback;
}
location ~ ^/(plesk-stat|webstat|webstat-ssl|ftpstat|anon_ftpstat|awstats-icon) {
proxy_pass https://74.208.65.63:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
alias /var/www/vhosts/example.com/web_users//;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/example.com/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}
location ~ ^/~(.+?)(/.*)?$ {
proxy_pass https://[IP ADDRESS]:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location ~ \.php(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/example.com/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}
location ~ /$ {
index index.html index.cgi index.pl index.php index.xhtml index.htm index.shtml;
}
include "/var/www/vhosts/system/example.com/conf/vhost_nginx.conf";
}
我不会包含 HTTP(非 SSL)内容,因为它们是相同的信息。唯一的区别是端口是 80,而 proxy_pass 设置为 7080.
您会注意到底部有:
include "/var/www/vhosts/system/example.com/conf/vhost_nginx.conf";
这是我放入该文件的内容:
location / {
proxy_pass https://[IP ADDRESS]:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
把它放在那里给了我一个:
nginx: [emerg] duplicate location "/"
我也试过在设置中使用 Plesk 的 "Additional nginx directives",但我得到了同样的错误:
nginx: [emerg] 重复位置“/”
有任何想法吗?我正准备放弃 Plesk 并研究 AWS 之类的东西……
我得出的结论是,a) 您不能覆盖 Plesk 创建的 Nginx confs,b) 您不能直接更改 conf 文件。
所以基本上 proxy_pass 使用 Plesk 是不可能的。
编辑:
也尝试以上游方式进行,但是通过 Plesk 或通过 vhost_nginx.conf 将上游指令添加到管理界面会给我一个错误提示 "nginx: [emerg] directive Upstream is not allowed here".
编辑#2:
阅读此 post Nginx to address Nodejs app,添加此处解释的内容无济于事。开始认为使用 Plesk 是不可能的。
啊!在没有 Plesk 的服务器上完成如此简单的任务!
折腾了两天,终于帮我解决了。
在 Plesk 中,您转到 "Hosting Options" 页面内的 "Additional nginx directives"。
这是我为使 Nginx proxy_pass 成为我的节点应用程序而添加的内容。
根本不需要编辑或更改任何 .conf 文件。
## Set the location routing.
location ~ / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
##Use the domain.tld here.
proxy_pass https://example.com:3000;
}
前言:尝试为 Plesk 安装 JXCore 的节点扩展,但无法正常工作。给我一些错误,他们的支持是不回复电子邮件......
[IP 地址] = 真实 IP,example.com = 真实域名
无论如何,我有我的 nodejs 应用程序和 运行 一个 SSL 证书。如果我转到 https://example.com:3000,工作正常,这是我用于 Node.js 的端口。 SSL证书加载全绿,一切正常。
我正在使用 Plesk 12.5,并且已经安装了 Nginx。 .conf 文件位于 /var/www/vhosts/[domain]/conf/nginx.conf.
顶部写着:
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
他们不是在开玩笑。对此文件所做的任何更改几乎会立即被覆盖。
完整文件内容如下:
server {
listen [IP ADDRESS]:443 ssl;
server_name example.com;
server_name www.example.com;
server_name ipv4.example.com;
ssl_certificate /usr/local/psa/var/certificates/cert-HREdQ9;
ssl_certificate_key /usr/local/psa/var/certificates/cert-HREdQ9;
ssl_client_certificate /usr/local/psa/var/certificates/cert-wpX6q1;
client_max_body_size 128m;
root "/var/www/vhosts/msgable.com/httpdocs";
access_log "/var/www/vhosts/system/example.com/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/example.com/logs/proxy_error_log";
location / {
proxy_pass https://[IP ADDRESS]:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location @fallback {
proxy_pass https://[IP ADDRESS]:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location ~ ^/plesk-stat/ {
proxy_pass https://[IP ADDRESS]:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location ~ ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip))$ {
try_files $uri @fallback;
}
location ~ ^/(plesk-stat|webstat|webstat-ssl|ftpstat|anon_ftpstat|awstats-icon) {
proxy_pass https://74.208.65.63:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
alias /var/www/vhosts/example.com/web_users//;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/example.com/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}
location ~ ^/~(.+?)(/.*)?$ {
proxy_pass https://[IP ADDRESS]:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
location ~ \.php(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/example.com/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}
location ~ /$ {
index index.html index.cgi index.pl index.php index.xhtml index.htm index.shtml;
}
include "/var/www/vhosts/system/example.com/conf/vhost_nginx.conf";
}
我不会包含 HTTP(非 SSL)内容,因为它们是相同的信息。唯一的区别是端口是 80,而 proxy_pass 设置为 7080.
您会注意到底部有:
include "/var/www/vhosts/system/example.com/conf/vhost_nginx.conf";
这是我放入该文件的内容:
location / {
proxy_pass https://[IP ADDRESS]:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
access_log off;
}
把它放在那里给了我一个:
nginx: [emerg] duplicate location "/"
我也试过在设置中使用 Plesk 的 "Additional nginx directives",但我得到了同样的错误:
nginx: [emerg] 重复位置“/” 有任何想法吗?我正准备放弃 Plesk 并研究 AWS 之类的东西…… 我得出的结论是,a) 您不能覆盖 Plesk 创建的 Nginx confs,b) 您不能直接更改 conf 文件。
所以基本上 proxy_pass 使用 Plesk 是不可能的。
编辑:
也尝试以上游方式进行,但是通过 Plesk 或通过 vhost_nginx.conf 将上游指令添加到管理界面会给我一个错误提示 "nginx: [emerg] directive Upstream is not allowed here".
编辑#2: 阅读此 post Nginx to address Nodejs app,添加此处解释的内容无济于事。开始认为使用 Plesk 是不可能的。
啊!在没有 Plesk 的服务器上完成如此简单的任务!
折腾了两天,终于帮我解决了。 在 Plesk 中,您转到 "Hosting Options" 页面内的 "Additional nginx directives"。
这是我为使 Nginx proxy_pass 成为我的节点应用程序而添加的内容。 根本不需要编辑或更改任何 .conf 文件。
## Set the location routing.
location ~ / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
##Use the domain.tld here.
proxy_pass https://example.com:3000;
}