我正在尝试将我的 Nginx 设置为反向代理服务器。
我在同一台服务器上安装了 Jenkins 和 Nginx。我尝试通过端口 82 而不是端口 8080 访问 Jenkins。
为此,我到目前为止所做的是:
转到
/etc/nginx/conf.d并创建一个新文件,例如:“forward_jenkins.conf”的内容
forward_jenkins.conf。(这是我在互联网上找到的随机片段。)server { listen 82; server_name foobar.net; location / { proxy_pass http://127.0.0.1:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }保存文件并启动 Nginx。
以下是我收到的错误:
[root@localhost conf.d]# systemctl start nginx
Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
我也尝试了以下命令。
[root@localhost conf.d]# nginx -t -c /etc/nginx/conf.d/forward_jenkins.conf
nginx: [emerg] "server" directive is not allowed here in /etc/nginx/conf.d/forward_jenkins.conf:1
nginx: configuration file /etc/nginx/conf.d/forward_jenkins.conf test failed
我没有修改nginx.conf文件中的任何内容:
[root@localhost nginx]# cat nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
这是状态命令的输出。请帮我解决这个问题。
[root@localhost conf.d]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Mon 2017-12-11 20:41:37 IST; 6s ago
Process: 2446 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=1/FAILURE)
Process: 2445 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Dec 11 20:41:36 localhost.localdomain systemd[1]: Starting The nginx HTTP and reverse proxy server...
Dec 11 20:41:37 localhost.localdomain nginx[2446]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Dec 11 20:41:37 localhost.localdomain nginx[2446]: nginx: [emerg] bind() to 0.0.0.0:82 failed (13: Permission denied)
Dec 11 20:41:37 localhost.localdomain nginx[2446]: nginx: configuration file /etc/nginx/nginx.conf test failed
Dec 11 20:41:37 localhost.localdomain systemd[1]: nginx.service: control process exited, code=exited status=1
Dec 11 20:41:37 localhost.localdomain systemd[1]: Failed to start The nginx HTTP and reverse proxy server.
Dec 11 20:41:37 localhost.localdomain systemd[1]: Unit nginx.service entered failed state.
Dec 11 20:41:37 localhost.localdomain systemd[1]: nginx.service failed.
答案1
现在,我正尝试开启 SELinux 来实现这一点。
我尝试了下面来自互联网的步骤。
yum install policycoreutils-python
semanage port -a -t http_port_t -p tcp 82
semanage port -l | grep ^http_port_t
[root@localhost nginx]# semanage port -l | grep ^http_port_t
http_port_t tcp 82, 80, 81, 443, 488, 8008, 8009, 8443, 9000
我可以看到端口 82 已成功添加。
但是,当我尝试从主机访问我的 Jenkins 服务器时http://192.168.5.129:82/,浏览器上出现以下错误。
502错误的网关
笔记:
我能够从http://192.168.5.129:8080/
我还可以通过以下方式访问 Nginxz Web 服务器:http://192.168.5.129:80
当我将其设置为 SELinux Permissive 时,我就可以通过端口 82 访问 Jenkins。
但我正在尝试使用 SELinux 来解决这个问题。
更新:通过输入以下命令解决。
setsebool -P httpd_can_network_connect 1
答案2
需要检查以下几点:防火墙是否允许您从端口 82 和 8080 进入?在没有 NginX 配置的情况下,是否可以从 8080 端口访问 Jenkins?
我要做的是删除您当前的 NginX 安装并从 NginX 官方存储库安装它。我假设您是从 epel-release 安装的,对吗?我不太喜欢那样,因为有时我也遇到过这样的事情。这样,您将获得另一个更简单的 nginx.conf 文件,没有任何服务器指令,因此不那么令人困惑。
我很确定你的配置很好,只是你的 nginx.conf 破坏了它。删除 nginx 并从 nginxs 官方存储库重新安装它可能会解决你的问题。但这是我的 nginx.conf,根据您的设置进行了一些修改:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_types text/plain application/x-javascript text/xml text/css;
gzip_vary on;
include /etc/nginx/conf.d/*.conf;
#include /etc/nginx/sites-enabled/*.conf;
}
您可以尝试将其复制粘贴到您的 nginx.conf 文件中(确保始终创建文件的备份)。
答案3
似乎是 SELinux 模式的问题。
尝试了下面的方法并且有效。
1.通过运行 getenforce 检查当前的 SELinux 模式。如果显示为 Enforcing,则通过运行 setenforce 0 暂时将模式设置为 Permissive,然后查看您的应用程序是否正常工作。