我失败了并且需要一些帮助。
我在 wiki.mydomain.com 上安装了 Wiki.js,并且能够通过 HTTP 访问我为其指定的端口 8080。但是当我开始尝试启用 SSL 时,它总是中断。因此,当我尝试将该 SSL 反向代理到 8080 时,我收到“502 代理错误”。
- 已经通过 certbot 将证书安装到 wiki.mydomain.com
我会很感激所有的意见,即使它涉及配置的其他方面。
WIKI.MYDOMAIN.COM.CONF
<VirtualHost *:80>
ProxyPreserveHost On
ProxyPass / http://1.2.3.4:8080/
ProxyPassReverse / http://1.2.3.4:8080/
ServerName wiki.mydomain.com
DocumentRoot /var/www/wiki.mydomain.com/
RewriteEngine on
RewriteCond %{SERVER_NAME} =wiki.mydomain.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
WIKI.MYDOMAIN.COM-LE-SSL.CONF
#Listen 443
#NameVirtualHost *:443
<IfModule mod_ssl.c>
<VirtualHost *:443>
ProxyPass / http://1.2.3.4:8080/ retry=1 acquire=3000 Keepalive=On
ProxyPassReverse / http://1.2.3.4:8080/
ServerName wiki.mydomain.com
DocumentRoot /var/www/wiki.mydomain.com/
#MANUALEDITING
#Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
#/MANUALEDITING
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/wiki.mydomain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/wiki.mydomain.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
/VAR/WWW/WIKI.MYDOMAIN.COM/CONFIG.YML
...
host: 'https://wiki.mydomain.com'
port: 8080
...
/ETC/MONGODB.CONF
...
bind_ip = 127.0.0.1,1.2.3.4
port = 27017
...
# SSL options
# Enable SSL on normal ports
#sslOnNormalPorts = true
# SSL Key file and password
#sslPEMKeyFile = /etc/letsencrypt/live/wiki.mydomain.com/fullchain.pem
#sslPEMKeyPassword = /etc/letsencrypt/live/wiki.mydomain.com/keyfile.pem
(每当我尝试取消注释/启用那里的 SSL 部分时,都会导致 mongodb.service 加载失败。)
DNS
wiki.mydomain.com TXT = "replicaSet=mySet&authSource=authDB" @ 86400
_mongodb._tcp.server.my.domain.com SRV = "wiki.mydomain.com" @ 86400 on port 8080
很确定我在这里没有正确匹配某些东西......