使用 nginx 为 kibana 添加子域名

使用 nginx 为 kibana 添加子域名

我正在尝试包含子域 kibana.domain.com,但代理设置不起作用。没有子域的域可以工作,并且所有无 www 和 ssl 的重定向都适用于基本域。但是,子域 kibana.example.com 收到“无法访问此站点”的消息,因为正在运行并且版本与 Kibana 和 Elasticsearch 兼容。任何建议都会有所帮助,谢谢。

nginx.conf

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;

    server {
        listen [::]:80;
        listen 80;
        server_name example.com www.example.com;

        include snippets/letsencrypt.conf;

        return 301 https://$host$request_uri;
    }

    server {
        listen [::]:443 ssl http2;
        listen 443 ssl http2;
        server_name www.example.com;

        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
        ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;
        include snippets/ssl.conf;
        include snippets/letsencrypt.conf;

        return 301 https://example.com$request_uri;
    }
    
    server {
        listen [::]:443 ssl http2;
        listen 443 ssl http2;
        server_name example.com;

        access_log   /var/log/nginx.access_log  main;

        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
        ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;
        include snippets/ssl.conf;
        include snippets/letsencrypt.conf;

        index index.html index.htm;

        location / {
            root /var/www/html;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
}

/etc/nginx/conf.d/kibana.conf

server {
    listen [::]:80;
    listen 80;
    server_name kibana.example.com;

    return 301 https://kibana.example.com$request_uri;
}

server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;
    server_name kibana.example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;
    include snippets/ssl.conf;
    include snippets/letsencrypt.conf;

    auth_basic "Restricted Access";
    auth_basic_user_file /etc/nginx/htpasswd.users;

    location / {
        proxy_pass https://localhost:5601;
        proxy_http_version 1.1;
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
    }
}

答案1

这是一个愚蠢的错误,我以为我已经通过 digital ocean 在 DNS 设置中配置了这一点。我忘记验证子域是否已建立 CNAME 作为域的别名。我现在还遇到了其他问题,但现在已正确解决。

相关内容