如何同时将 nginx 作为 SSL 反向代理和 Web 服务器运行?

如何同时将 nginx 作为 SSL 反向代理和 Web 服务器运行?

我的 SSL 反向代理工作正常,但我不知道如何让 nginx 同时作为一个 PHP 目录的 SSL 代理和 Web 服务器工作。

server {
    listen 10.0.0.20:80;
    server_name example.com www.example.com;
    return 301 https://www.example.com$request_uri;
}

server {
    listen 10.0.0.20:443 ssl http2 backlog=16384;
    server_name example.com www.example.com;
    ssl    on;
    ssl_certificate    /home/ubuntu/example-ssl/example.crt;
    ssl_certificate_key    /home/ubuntu/example-ssl/example.key;
    ssl_dhparam /home/ubuntu/example-ssl/dh2048.pem;  # unique for each site
    ssl_prefer_server_ciphers on;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.4.4 8.8.8.8 valid=300s;
    resolver_timeout 10s;
    ssl_session_timeout 10m;
    add_header Public-Key-Pins 'pin-sha256="example-pin"; pin-sha256="example-backup-pin";  max-age=5184000; includeSubDomains';
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
    add_header X-Frame-Options SAMEORIGIN;
    add_header  X-Content-Type-Options "nosniff";
    add_header X-XSS-Protection "1; mode=block";
    access_log  off;

    location / {

    proxy_pass http://127.0.0.1:81;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-Port 443;
    proxy_headers_hash_max_size 1024;
    proxy_headers_hash_bucket_size 128;

    }

上述代理很好,但是我如何同时从 /fusion 提供 Web 应用程序呢?

    location /fusion {
    try_files $uri $uri/ /index.php?q=$uri&$args;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass unix:/var/run/php5-fpm-sitename-example.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;

    }

    location /fusion/l/ {
        rewrite ^/l/([a-zA-Z0-9/]+)$ /l.php?i=$1 last;
    }

    location /fusion/t/ {
        rewrite ^/t/([a-zA-Z0-9/]+)$ /t.php?i=$1 last;
    }

    location /fusion/w/ {
        rewrite ^/w/([a-zA-Z0-9/]+)$ /w.php?i=$1 last;
    }

    location /fusion/unsubscribe/ {
        rewrite ^/unsubscribe/(.*)$ /unsubscribe.php?i=$1 last;
    }

    location /fusion/subscribe/ {
        rewrite ^/subscribe/(.*)$ /subscribe.php?i=$1 last;
    }

}

答案1

在对许多 fastcgi“文件未找到错误”感到困惑之后,我终于能够使用下面的代码使其工作。

将此代码附加到已经运行的反向代理允许我在主域的子目录中运行 PHP 应用程序。

    root /var/www/example;
    index index.php index.html;

    location /example {
      root /var/www/example;
      try_files $uri $uri/ $uri.php?$args;
      index index.php index.html;
    }

    location ~ \.php$ {
      try_files $uri =404;
      fastcgi_split_path_info ^(.+\.php)(/.+)$;
      fastcgi_pass unix:/var/run/php5-fpm.sock;
      fastcgi_index index.php;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      include fastcgi_params;
      fastcgi_read_timeout 150;
    }

相关内容