硬件环境:
云端:
阿里云轻量应用服务器
地区:香港
CPU:1核
内存:1G
带宽:30Mbps的码
操作系统:Centos7.6
nextcloud服务器
树莓派3B
操作系统:nextcloudPi 14
内网穿透组件
frp0.21
部署
下面开始在Centos下的上部署的nginx的
创建一个文件参考:https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
# vim /etc/yum.repos.d/nginx.repo
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
notereleasever 需要替换为7
开始安装
参考:http://blog.51cto.com/liqingbiao/2286134
# yum install nginx -y
.....................省略
Installed:
nginx.x86_64 1:1.14.0-1.el7_4.ngx
Complete!
# systemctl enable nginx
# systemctl start nginx
Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
# systemctl status nginx.service -l //执行这行命令查看错误信息
● nginx.service - nginx - high performance web server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2018-12-13 19:29:44 CST; 1min 44s ago
Docs: http://nginx.org/en/docs/
Process: 16958 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=1/FAILURE)
Dec 13 19:29:41 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:42 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:42 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:43 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:43 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Dec 13 19:29:44 izj6c136vql89y83pydz8mz nginx[16958]: nginx: [emerg] still could not bind()
Dec 13 19:29:44 izj6c136vql89y83pydz8mz systemd[1]: nginx.service: control process exited, code=exited status=1
Dec 13 19:29:44 izj6c136vql89y83pydz8mz systemd[1]: Failed to start nginx - high performance web server.
Dec 13 19:29:44 izj6c136vql89y83pydz8mz systemd[1]: Unit nginx.service entered failed state.
Dec 13 19:29:44 izj6c136vql89y83pydz8mz systemd[1]: nginx.service failed.
可能出现的问题
执行 #systemctl start nginx会报错,报错信息提示80端口已经被占用,但是我们应该不能直接去关闭80端口,而应该把配置修改一下换一个端口再进行启动nginx,* 修改配置方法如下:
这里参考:https://blog.csdn.net/xie_xiansheng/article/details/78028051
# vim /etc/nginx/conf.d/default.conf
//文件开头
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
.......................省略
//--------------------需要把 listen 80; 改成 8080--------------------
server {
listen 8080;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
.......................省略
启动
改完之后执行的nginx的的启动
# systemctl start nginx //启动nginx
到这里就启动成功了。
nginx相关配置文件/etc/nginx/nginx.conf
# vim /etc/nginx/conf.d/default.conf
后面的过程可以参考别的博客,有要补充的我再补充。以上2018-12-13日修改
// ------------------------------------------------- 2018-12-14日晚上补充--------------------------------------------------------------------
安装证书
参考:
https://www.jianshu.com/p/226d99e96a1a
https://blog.csdn.net/fengcai0123/article/details/80540386
以上2篇文章结合着看
我的步骤:
//创建目录
# cd /etc/nginx/
# mkdir cert
//把阿里云下载的证书压缩包解压到/etc/nginx/cert/目录下
# ls cert/
1614607_www.mryarnell.top.key 1614607_www.mryarnell.top.pem
//然后在conf.d/目录下创建一个文件
# cd conf.d/
# vim ssl
//以下内容复制到文件中
server{
listen 443;
server_name www.mryarnell.top;
ssl on;
ssl_certificate cert/1614607_www.mryarnell.top.pem;
ssl_certificate_key cert/1614607_www.mryarnell.top.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location /images {
root /usr/share/nginx;
}
location / {
proxy_ssl_server_name on;
proxy_pass https://www.mryarnell.top:8643;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
//:wq 保存
最后重启nginx
$ service nginx restart
反向代理
以下过程要实现nginx反向代理frp - >树莓派
参考:
http://www.wangxianfeng.cn/wordpress/2018/06/10/nginx%E5%8F%8D%E5%90%91%E4%BB%A3%E7%90%86frp%E7%BC% 93%E5%AD%98%E5%8A%A0%E9%80%9Fhttphttps /
主要要改变的是SSL文件中的位置{}中的内容
参照上面贴出来的!
location / {
proxy_ssl_server_name on;
proxy_pass https://www.mryarnell.top:8643;
}
解决URL中带端口号的问题
//----------------------------------- 2018-12-24日更新 --------------------------------------------------------------------
解决了访问网页时URL中会带有端口号,导致https SSL证书失效,访问失败的问题。
参考:https://blog.csdn.net/hejun1218/article/details/73385437
在nginx中配置server侦听非443端口时,我们在访问时会在url中加入对应的端口号,如http://xxx.xxx.xxx:8643但如果在nginx服务器前有另一台服务器作为用户首先访问的web服务器,这台服务器设置了端口转发,将443端口获得的请求转发到nginx中的对应端口中,如8643,这时用户使用的url是没有端口号,但nginx会自动增加端口号到url上,很可能导致用户访问失败,可以将location 中增加 proxy_set_header Host $host; ,即可解决此问题(在实际工作遇到,特此记下)