我只有一台运行不同应用程序的测试机器:一个客户端和一个服务器。
客户端响应的是端口3000
,服务器端响应的是端口3001
。
我将 nginx 设置为反向代理,并允许用户连接到我的域:
客户端应该对以下名称做出响应:domain.net
,www.domain.net
和idsm.comain.net
而服务器应该响应server.domain.net
。
我的 nginx 默认文件如下
server {
server_name domain.net www.domain.net idsm.domain.net;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:3000;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name server.domain.net;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:3001;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = idsm.domain.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = www.domain.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name domain.net www.domain.net idsm.domain.net;
return 404; # managed by Certbot
}
server {
if ($host = server.domain.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name server.domain.net;
return 404; # managed by Certbot
}
我像往常一样使用 certbot 添加了证书:对我来说一切看起来都是正确的。
然后nginx -t
没有返回错误。
然后我启动了systemctl start nginx
,没有返回任何错误。
返回system status nginx
以下内容:
root@neo4j:/etc/nginx/sites-enabled# systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-11-19 19:03:53 CET; 2s ago
Docs: man:nginx(8)
Process: 36872 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 36873 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 36874 (nginx)
Tasks: 9 (limit: 76087)
Memory: 9.9M
CPU: 58ms
CGroup: /system.slice/nginx.service
├─36874 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
├─36875 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
├─36876 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
├─36877 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
├─36878 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
├─36879 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
├─36880 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
├─36881 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
└─36882 "nginx: worker process" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" "" ""
nov 19 19:03:53 neo4j systemd[1]: Starting A high performance web server and a reverse proxy server...
nov 19 19:03:53 neo4j systemd[1]: Started A high performance web server and a reverse proxy server.
一切看上去都很好而且似乎正确。
但是什么都没有运行,如果我启动,nginx
结果如下:
root@neo4j:/etc/nginx/sites-enabled# nginx
nginx: [emerg] bind() to [::]:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:443 failed (98: Unknown error)
nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Unknown error)
nginx: [emerg] bind() to [::]:80 failed (98: Unknown error)
nginx: [emerg] still could not bind()
root@neo4j:/etc/nginx/sites-enabled#
该配置文件是 sites-enabled 中唯一的文件。
Apache2 已从服务器上卸载。
总共有 8 个进程在监听 80 端口,它们是 nginx 工作进程(从 36875 到 36882)。
我不明白为什么有这么多(8)个工作进程(可能是因为我有 8 个核心?)。
我不明白为什么 nginx 无法启动并且无法绑定。
==============================================================
在 Thomas Ward 评论之后,我运行了sudo ss -tulpn | grep 443
它,结果如下:
sudo ss -tulpn | grep 443
[sudo] password di neo4j:
tcp LISTEN 0 511 0.0.0.0:443 0.0.0.0:* users:(("nginx",pid=43361,fd=7),("nginx",pid=43360,fd=7),("nginx",pid=43359,fd=7),("nginx",pid=43358,fd=7),("nginx",pid=43357,fd=7),("nginx",pid=43356,fd=7),("nginx",pid=43355,fd=7),("nginx",pid=43354,fd=7),("nginx",pid=43353,fd=7))
tcp LISTEN 0 511 [::]:443 [::]:* users:(("nginx",pid=43361,fd=6),("nginx",pid=43360,fd=6),("nginx",pid=43359,fd=6),("nginx",pid=43358,fd=6),("nginx",pid=43357,fd=6),("nginx",pid=43356,fd=6),("nginx",pid=43355,fd=6),("nginx",pid=43354,fd=6),("nginx",pid=43353,fd=6))
但是为什么所有这些nginx: [emerg] bind() to [::]:80 failed (98: Unknown error)
都意味着端口已被使用?
然后我尝试重述这个问题:
我有一个在端口 3000 上运行的 React 应用程序
如果我http://idsm.domain.net
在浏览器中运行,它会返回502: bad gateway
。
为什么?