我使用 nginx 作为 Web 前端,使用 apache2 作为 Web 后端。Apache 在本地运行多个网站,然后使用 nginx 访问它们。
目前,托管了不同的子域,但我想借助http://my-single-domain.com/subdomain-aliasnginx 将它们迁移到单个子域中。
每个子域的根目录和 apache2 vhost 端口都是不同的(听起来很明显,不是吗?)。
我尝试了几种配置,但无法获取发送的资源,即虽然设置了404 Not Found规则,但索引 html 已发送,但服务器找不到资源( )。root
我尝试了几种解决方案,例如:
location /alias1 {
proxy_pass http://127.0.0.1:9095/;
include /etc/nginx/proxy.conf;
}
或者
location /alias1 {
alias /alias1/;
proxy_pass http://127.0.0.1:9095/;
include /etc/nginx/proxy.conf;
}
甚至
location /alias1/ {
rewrite ^/alias1(/.*)$ $1 break;
proxy_pass http://127.0.0.1:9095/;
}
或再次
location /alias1/ {
rewrite ^/alias1(/.*)$ $1 break;
proxy_pass http://127.0.0.1:9095/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
这个设置有什么问题?如何设置 nginx 在/alias1/page请求年龄时从特定根目录检索资产?
首先询问webmasters.stackexchange.com
---### /etc/nginx/proxy.conf proxy_redirect off; proxy_set_header 主机 $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; #client_max_body_size 10m; #client_body_buffer_size 128k; proxy_connect_timeout 90; #proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffers 32 4k;
/etc/nginx/nginx.conf
user www-data www-data;
worker_processes 2;
pid /var/run/nginx.pid;
worker_rlimit_nofile 1024;
events {
worker_connections 512;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile "on";
tcp_nopush "on";
tcp_nodelay "on";
keepalive_timeout "65";
access_log "/var/log/nginx/access.log";
error_log "/var/log/nginx/error.log";
server_tokens off;
types_hash_max_size 2048;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*/*;
}
/etc/nginx/site-enable/single-domain.conf
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/private/single-domain.com-with_chain.crt;
ssl_certificate_key /etc/ssl/private/single-domain.com.key.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/private/dhparams.pem;
server_name www.single-domain.com;
location / {
proxy_pass http://127.0.0.1:8090/;
include /etc/nginx/proxy.conf;
}
location /alias/ {
proxy_redirect off;
proxy_http_version 1.1;
proxy_pass http://127.0.0.1:8103/;
proxy_set_header Host alias.single-domain.com;
root /var/www/alias.single-domain.com;
}
location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx|otf|eot|svg|ttf|woff)$ {
root /var/www/single-domain.com/public;
proxy_buffering on;
proxy_cache_valid 200 120m;
expires 864000;
}
access_log /var/log/nginx/single-domain.com/www-access.log;
error_log /var/log/nginx/single-domain.com/www-error.log;
}
答案1
如果 apache 正在监听9095domain 的端口和domain 的sub1.example.com端口,并且您希望 nginx 传递到第一个 apache 虚拟主机和 第二个 apache 虚拟主机,您可以执行以下操作:9096sub2.example.comhttp://www.example.com/alias1http://www.example.com/alias2
location /alias1/ {
proxy_redirect off;
proxy_http_version 1.1;
proxy_pass http://127.0.0.1:9095/;
proxy_set_header Host sub1.example.com;
}
location /alias2/ {
proxy_redirect off;
proxy_http_version 1.1;
proxy_pass http://127.0.0.1:9096/;
proxy_set_header Host sub2.example.com;
}
那么例如原始对 nginx 的请求http://your-single-domain.example.com/alias1/foo/page1.html将被转发到 apache,就像它到达了http://sub1.example.com:9095/foo/page1.html
而对 nginx 的原始请求http://your-single-domain.example.com/alias2/bar/baz/page2.html将被转发到 apache,就像它到达了http://sub2.example.com:9096/bar/baz/page2.html
更新1(概念证明):使用 nginx仅有的配置文件如上所述,我们以 netcat 身份运行nc -l -p 9095(apache 不应该在该端口上监听此调试),然后在浏览器中打开http://www.single-domain.com/alias1/assets/style.css。我们应该在 netcat 输出中看到以下内容:
GET /assets/style.css HTTP/1.1
Host: sub1.example.com
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.6.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
如果有 apache 监听端口 9095,而不是我们的 netcat,那么它将获得 URL 的 HTTP/1.1 请求“http://sub1.example.com/assets/style.css“(将显示在/var/log/apache2/access_log或类似内容中)
请注意,这rewrite ^/alias1(/.*)$ $1 break;不是必需的,因为location /alias1/会自动删除/alias1/URL 的该部分。
如果使用时得到不同的输出你的nginx 配置文件,这意味着你在 nginx 中有冲突的指令 - 我建议从这个答案中的配置开始,检查它是否有效,然后开始逐个添加旧的配置块,直到它中断 - 然后你将有需要更改的冲突块。
更新2:由于您发布了 nginx 配置,因此很明显 - 您有位置覆盖,表明您的所有.css文件(以及一堆其他文件)都将由 nginx 直接提供/var/www/single-domain.com/public。删除或编辑它,它将通过 apache。