我已经使用 letsencrypt 和 certbot 设置了 HTTPS SSL,并且主域指向运行我的网站的机器,运行良好等等。当然,直到我尝试为 HTTPS 设置 SSL。
Certbot 做了它应该做的事情,我只是无法再访问该网站,我查看了 Cloudflare 并且看到有人说要使用完整版或完整版(严格版),但我不确定这些是否有效,因为他们在切换之前需要一些时间。
但是,我也遇到了反向代理的问题,我已经安装了普兰坎班在端口 8889 上托管的 Raspberry Pi 上,我尝试通过反向代理运行它,但我尝试过的一切都没有用,我希望它可以从“plankanban.domainname.com”访问,而不是“plankanban.domainname.com:8889”否则,拥有子域名是没有意义的,还不如只使用带有端口的域名,在我看来,这看起来不太好看。
由于手动安装,我通过 Nginx 中的 conf.d 目录运行 Nginx 块。下面我将展示我的 SSL 无法正常工作的 Web 服务器。
server {
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
server_name domainname.com www.domainname.com;
ssl_certificate /etc/letsencrypt/live/domainname.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domainname.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/domainname;
index index.html index.htm;
}
#error_page 404 /404.html;
#location = /404.html {
# root /usr/share/nginx/domainname;
#}
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/domainname;
#}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
server {
if ($host = www.domainname.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domainname.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name domainname.com www.domainname.com;
return 404; # managed by Certbot
}
这是我的反向代理(已禁用以尝试修复主站点):
#server {
# listen 80 default_server;
# listen [::]:80 default_server;
# listen 443 default_server;
# listen [::]:443 default_server;
# server_name plankanban.domainname.xyz;
#proxy_set_header Host $host:$server_port;
# location / {
# proxy_pass http://localhost:8889/;
#proxy_redirect off;
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-NginX-Proxy true;
# proxy_set_header X-Forwarded-Proto $scheme;
# }
#}
哪里是了解这些内容的最佳读物?就网络而言,我很想真正弄清楚并理解它,但我总是想知道人们实际上从哪里开始。是否有任何指南或课程可能对此有用?
提前致谢,〜Blood