Question

我已安装openvas9并已从证书商店安装了证书。我试图将nginx用作反向代理。我的openvas设置位于/etc/default/openvas-gsa，看起来像这样;

# Defaults for Greenbone Security Assistant initscript
# sourced by /etc/init.d/openvas-gsa
# installed at /etc/default/openvas-gsa by the maintainer scripts

# To disable HTTPS:
#
#HTTP_ONLY=1

# To enable http redirection:
#
HTTP_REDIRECT=1

# To set listening address:
# 
#LISTEN_ADDRESS="0.0.0.0"

# To set listening port number:
#
PORT_NUMBER=4000

/etc/nginx/sites-enabled/openvas处的我的nginx配置看起来像这样（显然服务器名称已更改）;

server {
    listen 443 ssl;
    server_name vas.server.com;

    location / {
        proxy_set_header   Host             $http_host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   REMOTE_HOST      $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header   X-FORWARDED-PROTOCOL $scheme;
        proxy_pass http://localhost:4000;
    }
}

我得到的只是502 Bad Gateway。我哪里错了？

Answer 1

server {
       listen         80;
       server_name    vas.novarumcloud.com;
       return         301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    server_name vas.novarumcloud.com;

    location / {
        proxy_set_header   Host             $http_host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   REMOTE_HOST      $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header   X-FORWARDED-PROTOCOL $scheme;  
        proxy_pass https://localhost:4000;
    }
}

但是，您还需要转到/etc/default/openvas-gsa 并具有以下设置;

# Defaults for Greenbone Security Assistant initscript
# sourced by /etc/init.d/openvas-gsa
# installed at /etc/default/openvas-gsa by the maintainer scripts

# To disable HTTPS:
#
#HTTP_ONLY=1

# To enable http redirection:
#
HTTP_REDIRECT=1

# To set listening address:
# 
#LISTEN_ADDRESS="0.0.0.0"

# To set listening port number:
#
PORT_NUMBER=4000

Openvas9的Nginx代理

1 个答案: