我在 ubuntu 服务器的 8000 端口上运行了一个 Flask Web 服务器,并使用 nginx 反向代理到 80 端口。我还想从code.com在子域 (code.example.com) 上同时运行。我设置了代码服务器在端口 8443 上运行,并且我按照他们在 github 页面上指定的方式配置了反向代理,但每当我访问 code.example.com 时,我都会被重定向到 localhost:8443。这是我的 nginx 站点配置 (/etc/nginx/sites-enabled/example.com):
server {
server_name www.example.com example.com;
location / {
include uwsgi_params;
uwsgi_pass unix:/home/ubuntu/server/server.sock;
proxy_pass http://127.0.0.1:8000/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name www.example.com example.com;
return 404; # managed by Certbot
}
server {
listen 80;
listen [::]:80;
server_name code.example.com;
location / {
proxy_pass http://localhost:8443/;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;
}
}
我还没有找到可行的解决方案,我甚至尝试在 proxy_pass 之前添加这个
proxy_redirect off;
proxy_set_header Host code.example.com;
处理代码服务器内的任何重定向,但它应该能够托管在域名上,甚至是子域名上。我很感激任何帮助,所以如果你有想法,请回复!谢谢。
注意:如果这不是发布该问题的正确网站,请告诉我,我会将其移动,我将其放在这里是因为我看到了其他反向代理 nginx 问题。
答案1
我无法确定您的配置为何不起作用,但我可以为您提供一个我用来做同样事情的模板。请务必根据需要替换 SSL 证书的路径。
我已经使用此配置的 Certbot,它运行良好,即使多个域使用一个证书也是如此。
# ...
http {
server {
listen 80;
listen [::]:80;
server_name example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name example.com;
# relevant ssl settings here...
location / {
proxy_pass http://127.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
}
ssl_certificate <path_to_certbot_fullchain.pem> # managed by Certbot
ssl_certificate_key <path_to_certbot_privkey.pem> # managed by Certbot
}
server {
listen 80;
listen [::]:80;
server_name sub.example.com;
return 301 https://sub.example.com$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name sub.example.com;
# relevant ssl settings here...
location / {
proxy_pass http://127.0.0.1:8443;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
}
}
ssl_certificate <path_to_certbot_fullchain.pem> # managed by Certbot
ssl_certificate_key <path_to_certbot_privkey.pem> # managed by Certbot
}
# ...