起因
因为kuboard单点支持keycloak,但是需要https,所以只能跑到这台云服务器用docker部署,通过Nginx代理,记录安装过程:
nignx转发配置
域名解析和ssl证书请参考相关文章进行配置
server {
listen 80;
server_name keycloak.yangzhuchang.club;
client_max_body_size 1024m;
location / {
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8091/;
}
}
server{
listen 443 ssl;
server_name keycloak.yangzhuchang.online;
ssl_certificate /home/dy/ssl/3054623_yangzhuchang.online.pem;
ssl_certificate_key /home/dy/ssl/3054623_yangzhuchang.online.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;