我有两个域名:domain1.com 和 domain2.com
我正在尝试通过重定向从 domain1.com 迁移到 domain2.com。
但是domain1.com和kf.domain1.com正在提供domain2.com的内容(200代码)和来自domain2.com的证书。
我尝试了多种组合,尝试将重定向放在服务器指令中,或者放在某个位置,尝试了 301 和 308,尝试了移动“default_server”,但什么也没有发生。
我ipv6only=on输入了 domain1.com 指令,这应该会导致错误,因为它在文件中出现了两次,但它也没有出错。
我已经三次检查域名没有拼写错误(但我使用 %s/// 来替换它们,所以它们不可能是拼写错误。)
我在任何日志中都没有收到错误消息,我的配置可能出了什么问题?
这是我的nginx -T:
# configuration file /etc/nginx/nginx.conf:
worker_processes 1;
load_module /usr/lib/nginx/modules/ngx_rtmp_module.so;
events {
worker_connections 1024;
}
http {
include mime.types;
fastcgi_cache_path /var/cache/nginx/fastcgi levels=1:2 keys_zone=one:8m inactive=24h;
proxy_cache_path /var/cache/nginx/proxy levels=1:2 keys_zone=two:8m inactive=24h;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log notice;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
##
# SSL settings
##
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
# Forward secrecy settings
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
include sites-enabled/*;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
location = /images/test4kf2.png {
root /var/www/kf2/;
}
location / {
return 308 https://$host$request_uri;
}
}
server {
listen 433 ssl http2 default_server;
listen [::]:433 ssl http2 default_server;
server_name domain1.com;
root /usr/share/nginx/html;
access_log /var/log/nginx/domain1.com/access.log;
error_log /var/log/nginx/domain1.com/error.log notice;
ssl_certificate /etc/letsencrypt/live/domain1.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain1.com/privkey.pem; # managed by Certbot
return 301 https://domain2.com$request_uri;
}
server {
server_name www.domain2.com domain2.com;
listen 443 ssl;
listen [::]:443 ipv6only=on ssl;
access_log /var/log/nginx/domain2.com/access.log;
error_log /var/log/nginx/domain2.com/error.log;
root /var/www/domain1.com/;
ssl_certificate /etc/letsencrypt/live/domain2.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain2.com/privkey.pem; # managed by Certbot
location = / {
index index.html;
}
location /hls {
add_header 'Cache-Control' 'no-cache';
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
add_header 'Access-Control-Allow-Headers' 'Range';
types {
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
root /tmp;
}
location = /donate {
return 307 https://www.paypal.com/<redacted>;
}
}
server {
server_name kf.domain1.com;
listen 433 ssl;
listen [::]:433 ssl;
access_log /var/log/nginx/kf.domain1.com/access.log;
error_log /var/log/nginx/kf.domain1.com/error.log;
ssl_certificate /etc/letsencrypt/live/kf.domain1.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/kf.domain1.com/privkey.pem; # managed by Certbot
location / {
return 301 https://kf.domain2.com$request_uri;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name kf.domain2.com;
access_log /var/log/nginx/kf.domain2.com/access.log;
error_log /var/log/nginx/kf.domain2.com/error.log;
proxy_cache two;
ssl_certificate /etc/letsencrypt/live/domain2.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain2.com/privkey.pem; # managed by Certbot
location / {
proxy_cache two;
proxy_pass http://127.0.0.1:8080/;
}
location /images/ {
gzip_static on;
root /steam/kf2/KFGame/Web/;
expires max;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
# server {
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# location / {
# return 404;
# }}
}
rtmp {
<redacted>;
}
# configuration file /etc/nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
application/font-woff woff;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.wap.wmlc wmlc;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg opus;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
# configuration file /etc/nginx/sites-enabled/ignore1.com:
server {
listen 80;
listen [::]:80;
server_name www.ignore1.com ignore1.com coach.domain1.com;
error_log /var/log/nginx/ignore1.com.error.log warn;
root /var/www/ignore1.com/;
include /etc/nginx/php.conf;
}
# configuration file /etc/nginx/php.conf:
index index.php;
location /faveicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
fastcgi_cache one;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_param HTTP_PROXY "";
fastcgi_intercept_errors on;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_cache_key $scheme$request_method$host$request_uri$http_x_access_token;
fastcgi_cache_valid 200 30m;
}
# configuration file /etc/nginx/fastcgi.conf:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REQUEST_SCHEME $scheme;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
# configuration file /etc/nginx/sites-enabled/ignore2.com:
server {
listen 80;
listen [::]:80;
server_name www.ignore2.com enjoy.domain1.com;
error_log /var/log/nginx/enjoy.error.log warn;
root /var/www/ignore2.com/;
index index.php;
location ~ \.php$ {
try_files $uri $document_root$fastcgi_script_name =404;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi.conf;
fastcgi_param HTTP_PROXY "";
}
}
答案1
问题在于端口号的拼写错误,433 应该是 443。