我使用以下命令在 Ubuntu 18.04 服务器上安装了 Nginx:
$ sudo apt-add-repository ppa:hda-me/nginx-stable
$ sudo apt update
$ ubuntu@www-example-com:~$ sudo apt install brotli nginx nginx-module-brotli
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
brotli nginx nginx-module-brotli
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,088 kB of archives.
After this operation, 4,340 kB of additional disk space will be used.
Get:1 http://ppa.launchpad.net/hda-me/nginx-stable/ubuntu bionic/main amd64 nginx amd64 1.17.3-2-ppa7~bionic [566 kB]
Get:2 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/universe amd64 brotli amd64 1.0.3-1ubuntu1.2 [266 kB]
Get:3 http://ppa.launchpad.net/hda-me/nginx-stable/ubuntu bionic/main amd64 nginx-module-brotli amd64 1.17.3-2-ppa7~bionic [256 kB]
Fetched 1,088 kB in 0s (10.6 MB/s)
Selecting previously unselected package brotli.
(Reading database ... 91558 files and directories currently installed.)
Preparing to unpack .../brotli_1.0.3-1ubuntu1.2_amd64.deb ...
Unpacking brotli (1.0.3-1ubuntu1.2) ...
Selecting previously unselected package nginx.
Preparing to unpack .../nginx_1.17.3-2-ppa7~bionic_amd64.deb ...
----------------------------------------------------------------------
Thanks for using nginx!
Please find the official documentation for nginx here:
* http://nginx.org/en/docs/
You could find nginx-hda-bundle repository here:
* https://github.com/cryptofuture/nginx-hda-bundle
Please consider making a donation:
* https://github.com/cryptofuture/nginx-hda-bundle#donation
----------------------------------------------------------------------
Unpacking nginx (1.17.3-2-ppa7~bionic) ...
Selecting previously unselected package nginx-module-brotli.
Preparing to unpack .../nginx-module-brotli_1.17.3-2-ppa7~bionic_amd64.deb ...
----------------------------------------------------------------------
The Brotli dynamic module for nginx has been installed.
To enable this module, add the following to /etc/nginx/nginx.conf
and reload nginx:
# ngx_brotli filter module - used to compress responses on-the-fly.
load_module modules/ngx_http_brotli_filter_module.so;
# ngx_brotli static module - used to serve pre-compressed files.
# Both modules could be used separately
load_module modules/ngx_http_brotli_static_module.so;
Please refer to the module documentation for further details:
https://github.com/google/ngx_brotli
----------------------------------------------------------------------
Unpacking nginx-module-brotli (1.17.3-2-ppa7~bionic) ...
Setting up nginx (1.17.3-2-ppa7~bionic) ...
Setting up brotli (1.0.3-1ubuntu1.2) ...
Setting up nginx-module-brotli (1.17.3-2-ppa7~bionic) ...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Processing triggers for ureadahead (0.100.0-21) ...
Processing triggers for systemd (237-3ubuntu10.39) ...
我的问题是,我无法使用以下命令将 Nginx 添加到防火墙。我不明白为什么它不起作用:
$ ubuntu@www-example-com:~$ sudo ufw allow 'Nginx Full'
ERROR: Could not find a profile matching 'Nginx Full'
$ ubuntu@www-example-com:~$ sudo ufw app list
Available applications:
OpenSSH
更新
ubuntu@www-example-com:~$ sudo ufw allow 80
Rule added
Rule added (v6)
ubuntu@www-example-com:~$ sudo ufw allow 443
Rule added
Rule added (v6)
ubuntu@www-example-com:~$ sudo ufw allow http
Rule added
Rule added (v6)
ubuntu@www-example-com:~$ sudo ufw allow https
Rule added
Rule added (v6)
ubuntu@www-example-com:~$ sudo ufw app list
Available applications:
OpenSSH
答案1
您可以尝试使用这些命令仅允许标准 HTTP/HTTPS 端口
sudo ufw allow 80
sudo ufw allow 443
我认为你也可以像这样指定协议
sudo ufw allow http
sudo ufw allow https
答案2
输出sudo ufw app list
显示没有创建 nginx 配置文件。
这个帖子在 ubuntu stack exchange 上有一个很好的关于如何创建应用程序配置文件的总结,或者你可以使用@Diego Velez 建议的更简单的解决方案(这也是我会做的)