我有一个 nginx 作为反向代理服务器和 apache 来服务器 nextcloudpi Web 应用程序。
我有以下 nginx 配置
server {
server_name drive.example.com;
location / {
proxy_pass http://192.168.0.7/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/drive.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/drive.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = drive.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name drive.example.com;
return 404; # managed by Certbot
}
以下为 apache 配置
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
DocumentRoot /var/www/nextcloud
ServerName drive.example.com
CustomLog /var/log/apache2/nc-access.log combined
ErrorLog /var/log/apache2/nc-error.log
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/drive.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/drive.example.com/privkey.pem
</VirtualHost>
<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
LimitRequestBody 0
SSLRenegBufferSize 10486000
</Directory>
</IfModule>
注意:以前,我使用 apache 作为互联网的直接前端,现在我想使用 nginx 作为前端,而 apache 仍然作为 Web 应用程序服务器
如果我可以在不重定向到内部 IP 地址的情况下访问 drive.example.com,是否有任何帮助?
谢谢。
答案 0 :(得分:0)
您似乎需要禁用代理重定向标头,尝试更改和更新 nginx(反向代理)的配置文件,这将确保您的 nginx 作为 运行apache 服务器和 客户端 之间的中间人,(而不是 nginx 只是通过重定向将客户端卸载到 apache 服务器,而不是充当中间人人):
server {
listen 80;
listen [::]:80; # if you're not using ipv6 do remove this line.
server_name drive.example.com;
location / {
proxy_redirect off;
proxy_read_timeout 1m;
proxy_connect_timeout 1m;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://192.168.0.7/;
}
listen [::]:443 ssl; # if you're not using ipb6 do remove this line
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/drive.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/drive.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = drive.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name drive.example.com;
return 404; # managed by Certbot
}