我在我的RPi上运行一个PiHole,同时运行一个Nginx代理服务器。我必须让他们两个都听80端口,在这种情况下,pihole必须lighttpd监听端口80。
为了解决这个问题,我在同一个界面(192.168.0.2和192.168.0.3)中创建了两个ips地址,我想将它们都提供给lighttpd和Nginx。我能够改变lighttpd配置(仅在192.168.0.3上收听),我认为一切正常。然后我让我的nginx服务器失败了,我猜是因为通配符使得nginx在每个IP地址中监听端口80.
Nginx当前状态
Jun 25 00:30:30 sousahost nginx[3040]: nginx: [warn] conflicting server name "" on 0.0.0.0:80, ignored
Jun 25 00:30:30 sousahost nginx[3040]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jun 25 00:30:31 sousahost nginx[3040]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jun 25 00:30:31 sousahost nginx[3040]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jun 25 00:30:32 sousahost nginx[3040]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
Jun 25 00:30:32 sousahost nginx[3040]: nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
在这种情况下如何解决我的情况?我想显而易见的解决方案是告诉Nginx只听某个IP地址,但是我无法弄明白(这是可能的吗?)。我怎样才能确保Nginx只列出某个IP?
我的大多数配置都是这样的:
server {
listen 192.168.1.3:80;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name ads.sousa.host;
ssl_certificate /etc/nginx/ssl/pi.crt;
ssl_certificate_key /etc/nginx/ssl/pi.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/pi.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the “It appears that your reverse proxy set up is broken" error.
proxy_pass http://192.168.1.3:80;
proxy_read_timeout 90;
proxy_redirect http://192.168.1.3:80 https://ads.sousa.host/admin;
}
}
另外,我在想什么?在同一个界面上创建两个ips是一个有效且好的解决方案吗?我对任何建议持开放态度。
答案 0 :(得分:0)
您应该尝试bind指令上的listen选项,这会阻止nginx尝试获取通配符地址。有关详情,请参阅this document。
listen 192.168.0.2:80 bind;
这对多个接口有效。但不确定它是否在一个接口上有多个地址是有效的。