两个 node.js 域在同一个 nginx 服务器上使用 SSL - 443 的重复侦听选项
Two node.js domains with SSL on same nginx server - duplicate listen options for 443
我已经在我的 DigitalOcean Droplet 中设置了两个 Web 应用程序,我正在尝试 运行 这两个应用程序在不同的域上,使用 SSL 加密。
如果我只使用其中一个域,我可以确认一切正常,当我尝试同时 运行 两个域时出现错误。
nginx -t
duplicate listen options for [::]:443 in /etc/nginx/sites-enabled/hello.com:26
/etc/nginx/sites-avilable/hello.com
server {
server_name hello.com www.hello.com;
location / {
proxy_pass http://localhost:4000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on default_server; # managed by Certbot
listen 443 ssl default_server; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/hello.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/hello.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.hello.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = hello.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name hello.com www.hello.com;
return 404; # managed by Certbot
}
/etc/nginx/sites-available/example.com
server {
server_name example.com www.example.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
我该怎么做才能避免这个错误?非常感谢对 nginx 文件的进一步改进。
我使用了以下指南:
如何设置 Nginx 服务器块:https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-virtual-hosts-on-ubuntu-14-04-lts
如何在 Ubuntu 16.04 上设置 Node.js 生产应用程序:https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-ubuntu-16-04
如何在 Ubuntu 16.04 上使用 Let's Encrypt 保护 Nginx:
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
问题是ipv6only=on,只能指定一次according to the documentation。
无论如何默认值为on,因此可以安全地删除该选项。
我已经在我的 DigitalOcean Droplet 中设置了两个 Web 应用程序,我正在尝试 运行 这两个应用程序在不同的域上,使用 SSL 加密。
如果我只使用其中一个域,我可以确认一切正常,当我尝试同时 运行 两个域时出现错误。
nginx -t
duplicate listen options for [::]:443 in /etc/nginx/sites-enabled/hello.com:26
/etc/nginx/sites-avilable/hello.com
server {
server_name hello.com www.hello.com;
location / {
proxy_pass http://localhost:4000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on default_server; # managed by Certbot
listen 443 ssl default_server; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/hello.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/hello.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.hello.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = hello.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name hello.com www.hello.com;
return 404; # managed by Certbot
}
/etc/nginx/sites-available/example.com
server {
server_name example.com www.example.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 404; # managed by Certbot
}
我该怎么做才能避免这个错误?非常感谢对 nginx 文件的进一步改进。
我使用了以下指南:
如何设置 Nginx 服务器块:https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-virtual-hosts-on-ubuntu-14-04-lts
如何在 Ubuntu 16.04 上设置 Node.js 生产应用程序:https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-ubuntu-16-04
如何在 Ubuntu 16.04 上使用 Let's Encrypt 保护 Nginx: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
问题是ipv6only=on,只能指定一次according to the documentation。
无论如何默认值为on,因此可以安全地删除该选项。