我想使用 nginx 运行一个 flask 应用程序。我经历了本教程直到我从命令行使用 wsgi 启动服务时,一切都正常(这意味着我可以访问我的页面localhost:8000并显示Hello, there!消息)。我的项目位置如下:
(venv-dvwa) root@kali:~/services/dvwa# pwd
/root/services/dvwa
(venv-dvwa) root@kali:~/services/dvwa# ls
dvwa.sock main.py __pycache__ requirements.txt uwsgi.ini venv-dvwa wsgi.py
(venv-dvwa) root@kali:~/services/dvwa# which uwsgi
/root/services/dvwa/venv-dvwa/bin/uwsgi
(venv-dvwa) root@kali:~/services/dvwa#
nginx 的配置文件:
(venv-dvwa) root@kali:~/services/dvwa# cat /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 80;
server_name server_domain_or_IP;
location / {
include uwsgi_params;
uwsgi_pass unix:/root/services/dvwa/dvwa.sock;
}
}
}
并为我服务:
(venv-dvwa) root@kali:~/services/dvwa# cat /etc/systemd/system/dvwa.service
[Unit]
Description=uWSGI instance to serve dvwa csp hacks
After=network.target
[Service]
User=root
Group=root
WorkingDirectory=/root/services/dvwa
Environment="PATH=/root/services/dvwa/venv-dvwa/bin"
ExecStart=/root/services/dvwa/venv-dvwa/bin/uwsgi --ini uwsgi.ini
[Install]
WantedBy=multi-user.target
两项服务均已启动并正在运行:
(venv-dvwa) root@kali:~/services/dvwa# systemctl status nginx
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2018-11-22 07:13:34 CET; 35min ago
Docs: man:nginx(8)
Main PID: 2823 (nginx)
Tasks: 2 (limit: 4690)
Memory: 2.8M
CGroup: /system.slice/nginx.service
├─2823 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─2824 nginx: worker process
lis 22 07:13:34 kali systemd[1]: Starting A high performance web server and a reverse proxy server...
lis 22 07:13:34 kali systemd[1]: nginx.service: Failed to parse PID from file /run/nginx.pid: Invalid argument
lis 22 07:13:34 kali systemd[1]: Started A high performance web server and a reverse proxy server.
(venv-dvwa) root@kali:~/services/dvwa# systemctl status dvwa.service
● dvwa.service - uWSGI instance to serve dvwa csp hacks
Loaded: loaded (/etc/systemd/system/dvwa.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2018-11-22 07:15:37 CET; 33min ago
Main PID: 2938 (uwsgi)
Tasks: 2 (limit: 4690)
Memory: 17.2M
CGroup: /system.slice/dvwa.service
├─2938 /root/services/dvwa/venv-dvwa/bin/uwsgi --ini uwsgi.ini
└─2940 /root/services/dvwa/venv-dvwa/bin/uwsgi --ini uwsgi.ini
lis 22 07:15:37 kali uwsgi[2938]: your server socket listen backlog is limited to 100 connections
lis 22 07:15:37 kali uwsgi[2938]: your mercy for graceful operations on workers is 60 seconds
lis 22 07:15:37 kali uwsgi[2938]: mapped 145808 bytes (142 KB) for 1 cores
lis 22 07:15:37 kali uwsgi[2938]: *** Operational MODE: single process ***
lis 22 07:15:37 kali uwsgi[2938]: WSGI app 0 (mountpoint='') ready in 0 seconds on interpreter 0x55971c483d90 pid: 2938 (default app)
lis 22 07:15:37 kali uwsgi[2938]: uWSGI running as root, you can use --uid/--gid/--chroot options
lis 22 07:15:37 kali uwsgi[2938]: *** WARNING: you are running uWSGI as root !!! (use the --uid flag) ***
lis 22 07:15:37 kali uwsgi[2938]: *** uWSGI is running in multiple interpreter mode ***
lis 22 07:15:37 kali uwsgi[2938]: spawned uWSGI master process (pid: 2938)
lis 22 07:15:37 kali uwsgi[2938]: spawned uWSGI worker 1 (pid: 2940, cores: 1)
当我localhost在浏览器中输入或输入我的 IP 地址时,我收到 404 nginx 消息。我正在运行最新的 kali linux 版本(那是因为我想尝试另一个项目 - dvwa 并学习一些东西)。最后一条通知:我知道在生产目的中使用 root 帐户是个坏主意,但这个项目不打算这样做。
答案1
好的,我的设置有几个问题。首先,包括默认启用的站点覆盖了我的设置。其次,我更改了服务器名称以匹配所有情况。最后但并非最不重要的是,必须为套接字赋予 666 而不是 660 权限。
我的新 nginx.conf:
root@kali:~/services/dvwa# cat /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
# include /etc/nginx/sites-enabled/*;
server {
listen 80;
server_name _;
location / {
include uwsgi_params;
uwsgi_pass unix:/root/services/dvwa/dvwa.sock;
}
}
}
和 uwsgi.ini:
root@kali:~/services/dvwa# cat uwsgi.ini
[uwsgi]
module = wsgi
master = true
processes = 1
socket = dvwa.sock
chmod-socket = 666
vacuum = true
die-on-term = true
编辑我认为我的解决方案有点过度,所以如果有人能建议更有效的方法,我会很乐意将其包含在我的答案中。