nginx 代理到节点和 vue/node 上的 ssl

tag-icon tag-icon nginx ssl-certificate proxypass
nginx 代理到节点和 vue/node 上的 ssl

编辑:

错误日志

2021/02/23 07:30:07 [warn] 233791#233791: "ssl_stapling" ignored, issuer certificate not found for certificate "/etc/nginx/selfSignedCerts/example.crt"

2021/02/24 07:26:48 [error] 233793#233793: *17 connect() failed (111: Connection refused) while connecting to upstream, client: IP, server: IP, request: "GET / HTTP/2.0", upstream: "http://MyIP:60702/", host>

访问日志

MYIP - - [23/Feb/2021:07:31:02 +0000] "GET / HTTP/2.0" 404 128 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36" 或者

MYIP - - [23/Feb/2021:07:37:59 +0000] "GET / HTTP/2.0" 502 568 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36"

我正在尝试为基于 vue/node.js 的 Web 应用程序使用自签名证书。因此,我将 vue cinfig 设置为 https:

module.exports = {
  baseUrl: './',
  devServer: {
    port: 8080,
    https: true,
    disableHostCheck: true
  }
};

并添加了两个 nginx 的 conf 文件来处理 vue 和 node:

VUE:

server {
     listen      80;
     listen      [::]:80;
     server_name inf-education-67.umwelt-campus.de;
     return 301  https://$server_name$request_uri;
}
server {
     listen       443 ssl http2;
     listen       [::]:443 ssl http2;
     server_name  inf-education-67.umwelt-campus.de;

     # point to ssl certificate path
     include snippets/self-signed.conf;
     include snippets/ssl-params.conf;

     location / {
         # point to dist folder inside vue source code folder
         root /var/www/client/pvapp-client/dist;
         autoindex on;
         autoindex_exact_size off;
         index index.html index.htm;
         try_files $uri $uri/ /index.html;
    }
}

节点:

server {
     listen       80;
     listen       [::]:80;
     server_name  MY_IP_ADDRESS;
     return 301   https://$server_name$request_uri;
}
server {
     listen       443 ssl http2;
     listen       [::]:443 ssl http2;
     server_name  MY_IP_ADDRESS;

     # point to ssl certificate path
     include snippets/self-signed.conf;
     include snippets/ssl-params.conf;

     location / {
          # node server is running on port 60702
          proxy_pass                 http://MY_IP_ADDRESS:60702;
          proxy_http_version         1.1;
          proxy_set_header Host      $host;
          proxy_set_header X-Real-IP $remote_addr;
     }
}

打开网站时我收到 404 / 502 错误。

节点配置中的域名 IP 是否正确?还有什么问题?

答案1

我最终通过以下方式解决了它:

server{
     listen       80;
     listen       [::]:80;
     server_name  inf-education-67.umwelt-campus.de;
     return 301   https://$server_name$request_uri;
}

server {
     listen       443 ssl;
     listen       [::]:443 ssl http2;
     server_name inf-education-67.umwelt-campus.de;

     # point to ssl certificate path
     include snippets/bcknd/self-signed.conf;
     include snippets/bcknd/ssl-params-bck.conf;
     root /var/www/client/pvapp-client/dist;

     location / {
       allow all;
     }

     location /backend {
          proxy_pass http://localhost:60702;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
          proxy_ssl_verify off;
     }
}

位置 /backend 起了作用。只需在 api 中使用我的常规 server_name 和 /backend 即可。

相关内容