Digitalocean 使用 nginx 部署节点 https 应用程序
Digitalocean deploying node https app with nginx
我 运行 使用 nginx 在 Digitalocean droplet 中安装我的应用程序我发现如果我 运行 我的应用程序与 http 它完美地工作,但是当我 运行 它使用 https nginx 给我 502 BAD GATEWAY
,我尝试了其他 digitalocean 指南并搜索了 Whosebug,但从未找到解决方案,所以我考虑制作这个 post.
NGINX 默认文件:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mydomain.io www.mydomain.io;
ssl_certificate /home/myapp/ssl/myapp.crt;
ssl_certificate_key /home/myapp/ssl/myapp.key;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
我的应用代码:
const express = require("express");
//const http = require('http');
const https = require('https');
const helmet = require("helmet");
const cors = require("cors");
const fs = require("fs");
const path = require("path");
const app = express();
const config = require("./config");
const passport = require("passport");
const credentials = { key: fs.readFileSync('ssl/myapp.key', 'utf-8'), cert: fs.readFileSync('ssl/myapp.crt', 'utf-8'), ca: fs.readFileSync('ssl/myapp.ca-bundle', 'utf-8') };
app.use(helmet());
app.use(cors());
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(
require("express-session")({
secret: require("./config.json").app.secretKey,
resave: false,
saveUninitialized: true,
cookie: {
secure: false,
maxAge: 60 * 60 * 1000 * 24 * 365,
},
})
);
app.use(passport.initialize());
app.use(passport.session());
passport.use(require("./service/passport"));
app.set("view engine", "ejs");
app.set("views", path.join(__dirname, "views"));
app.use(express.static(path.join(__dirname, "views")));
app.use('/', require('./api/home'));
app.use("/auth", require("./api/auth"));
app.use("/user", require("./api/user"));
app.get('/tos',(req,res)=>{
res.render('tos');
});
//var httpServer = http.createServer(app);
var httpsServer = https.createServer(credentials, app);
httpsServer.listen(config.app.port,'localhost',()=>{
console.log("App started on port:"+config.app.port);
});
我是 nginx 的新手,谁能解释一下如何做到这一点?
我有多个服务器 运行 node.js 应用程序在 80 和 443 上都很好。
我会更喜欢你使用我使用的配置-
server {
server_name yourdomain.com;
proxy_buffering off;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = yourdomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 0.0.0.0:80;
server_name yourdomain.com;
return 404; # managed by Certbot
}
我主要将 Certbot 用于我的 SSL 证书,您可以使用任何您想要的其他东西!
您的应用程序代码 运行 使用 HTTPS,而 NGINX proxy_pass 使用 http://localhost:3000.
要解决此问题,有两种方法:
- 使用 https://localhost:3000 更新 proxy_pass 并重启 NGINX
- 在应用程序级别使用 HTTP 而不是 HTTPS 并重新启动应用程序
任何选项都可以解决问题,最省力的方法是使用选项一。
您无需更改应用程序中的任何内容并继续使用 HTTP,Nginx 将为 https 请求提供服务并将 HTTP 重定向到您的应用程序。
我 运行 使用 nginx 在 Digitalocean droplet 中安装我的应用程序我发现如果我 运行 我的应用程序与 http 它完美地工作,但是当我 运行 它使用 https nginx 给我 502 BAD GATEWAY
,我尝试了其他 digitalocean 指南并搜索了 Whosebug,但从未找到解决方案,所以我考虑制作这个 post.
NGINX 默认文件:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mydomain.io www.mydomain.io;
ssl_certificate /home/myapp/ssl/myapp.crt;
ssl_certificate_key /home/myapp/ssl/myapp.key;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
我的应用代码:
const express = require("express");
//const http = require('http');
const https = require('https');
const helmet = require("helmet");
const cors = require("cors");
const fs = require("fs");
const path = require("path");
const app = express();
const config = require("./config");
const passport = require("passport");
const credentials = { key: fs.readFileSync('ssl/myapp.key', 'utf-8'), cert: fs.readFileSync('ssl/myapp.crt', 'utf-8'), ca: fs.readFileSync('ssl/myapp.ca-bundle', 'utf-8') };
app.use(helmet());
app.use(cors());
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(
require("express-session")({
secret: require("./config.json").app.secretKey,
resave: false,
saveUninitialized: true,
cookie: {
secure: false,
maxAge: 60 * 60 * 1000 * 24 * 365,
},
})
);
app.use(passport.initialize());
app.use(passport.session());
passport.use(require("./service/passport"));
app.set("view engine", "ejs");
app.set("views", path.join(__dirname, "views"));
app.use(express.static(path.join(__dirname, "views")));
app.use('/', require('./api/home'));
app.use("/auth", require("./api/auth"));
app.use("/user", require("./api/user"));
app.get('/tos',(req,res)=>{
res.render('tos');
});
//var httpServer = http.createServer(app);
var httpsServer = https.createServer(credentials, app);
httpsServer.listen(config.app.port,'localhost',()=>{
console.log("App started on port:"+config.app.port);
});
我是 nginx 的新手,谁能解释一下如何做到这一点?
我有多个服务器 运行 node.js 应用程序在 80 和 443 上都很好。
我会更喜欢你使用我使用的配置-
server {
server_name yourdomain.com;
proxy_buffering off;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = yourdomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 0.0.0.0:80;
server_name yourdomain.com;
return 404; # managed by Certbot
}
我主要将 Certbot 用于我的 SSL 证书,您可以使用任何您想要的其他东西!
您的应用程序代码 运行 使用 HTTPS,而 NGINX proxy_pass 使用 http://localhost:3000.
要解决此问题,有两种方法:
- 使用 https://localhost:3000 更新 proxy_pass 并重启 NGINX
- 在应用程序级别使用 HTTP 而不是 HTTPS 并重新启动应用程序
任何选项都可以解决问题,最省力的方法是使用选项一。
您无需更改应用程序中的任何内容并继续使用 HTTP,Nginx 将为 https 请求提供服务并将 HTTP 重定向到您的应用程序。