在未找到.ebextensions的AWS Elasticbeanstalk中配置nginx配置文件

时间:2020-08-26 03:25:34

标签: amazon-web-services spring-boot ssl nginx amazon-elastic-beanstalk

我正在尝试使用自签名SSL启用https到部署在AWS Elastic Beanstalk上的springboot Web服务器后端。我遵循了在线教程和指南,使用新的https-instance.config更改了我的Nginx配置。

files:
  /etc/nginx/conf.d/myconf.conf:
    mode: "conf"
    owner: root
    group: root
    content: |
      # HTTPS server

      server {
        listen 443;
        server_name localhost;

        ssl on;
        ssl_certificate /etc/pki/tls/certs/server.crt;
        ssl_certificate_key /etc/pki/tls/certs/server.key;
        ssl_prefer_server_ciphers on;

        location / {
          proxy_pass  http://localhost:5000;
          proxy_http_version  1.1;
          proxy_set_header  Connection "";
          proxy_set_header  Host  $host;
          proxy_set_header  X-Real-IP  $remote_addr;
          proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
        }
      }

  /etc/pki/tls/certs/server.crt:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN CERTIFICATE-----
 mycert
      -----END CERTIFICATE-----
      
  /etc/pki/tls/certs/server.key:
    mode: "000400"
    owner: root
    group: root
    content: |
      -----BEGIN RSA PRIVATE KEY-----
mykey
      -----END RSA PRIVATE KEY-----

  /opt/elasticbeanstalk/hooks/appdeploy/post/03_restart_nginx.sh:
      mode: "000755"
      owner: root
      group: root
      content: |
        #!/usr/bin/env bash
        sudo service nginx restart

当我对实例进行SSH时,无法在conf.d下找到myconf.conf文件。运行service nginx status给我

● nginx.service - The nginx HTTP and reverse proxy server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/nginx.service.d
           └─nginx.conf
   Active: active (running) since Wed 2020-08-26 03:06:34 UTC; 15min ago
  Process: 28894 ExecStartPost=/bin/sh -c systemctl show -p MainPID nginx.service | cut -d= -f2 > /var/pids/nginx.pid (code=exited, status=0/SUCCESS)
  Process: 28890 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
  Process: 28887 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
  Process: 28886 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
 Main PID: 28893 (nginx)
   CGroup: /system.slice/nginx.service
           ├─28893 nginx: master process /usr/sbin/nginx
           └─28897 nginx: worker process

Aug 26 03:06:34  systemd[1]: Starting The nginx HTTP and reverse proxy server...
Aug 26 03:06:34 nginx[28887]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Aug 26 03:06:34  nginx[28887]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Aug 26 03:06:34  systemd[1]: Started The nginx HTTP and reverse proxy server.

我错过了什么。这是我关于AWS EBS的第一个项目。

注意:我正在为EBS运行免费的单层实例

2 个答案:

答案 0 :(得分:2)

您要尝试使用的nginx设置(/etc/nginx/conf.d/myconf.conf)用于 Amazon Linux 1

但是您似乎正在使用 Amazon Linux 2 (AL2)。因此,您应该使用其他文件来设置nginx。对于AL2,nginx设置应位于.platform/nginx/conf.d/中,而不是docs中所示的.ebextentions中。

因此,您可以将以下.platform/nginx/conf.d/myconfig.conf与内容:

server {
    listen 443;
    server_name localhost;

    ssl on;
    ssl_certificate /etc/pki/tls/certs/server.crt;
    ssl_certificate_key /etc/pki/tls/certs/server.key;
    ssl_prefer_server_ciphers on;

    location / {
      proxy_pass  http://localhost:5000;
      proxy_http_version  1.1;
      proxy_set_header  Connection "";
      proxy_set_header  Host  $host;
      proxy_set_header  X-Real-IP  $remote_addr;
      proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
    }
}

以上只是配置文件的示例。我无法验证该设置是否真正起作用,但是您肯定使用了错误的文件夹来设置AL2中的nginx选项。

我的建议是尝试首先使其通过ssh手动工作。如果您没有提供自己的.platform/nginx/nginx.conf文件,那么您可能会发现需要覆盖整个nginx设置。

答案 1 :(得分:0)

Amazon Linux 2: 您必须在实际要将其放置在Elasticbeanstalk上的同一层次结构中的文件夹中创建文件。例如,对于我来说,在EBS中,我需要在/etc/nginx/conf.d/elasticbeanstalk/下创建自定义conf文件。 为此,我的文件夹结构将是: enter image description here

在文件中,我可以添加所需的配置:

location / {
            try_files $uri $uri/ /index.php?$args;
      }
相关问题
最新问题