如何解决使用Nginx的Digitalocean部署节点https应用
我正在使用nginx在Digitalocean小滴中运行我的应用程序,我发现如果我使用http运行我的应用程序,它可以正常运行,但是当我使用https运行时,nginx给了我502 BAD GATEWAY,我尝试了其他方法digitalocean指南并在stackoverflow周围进行搜索,但从未找到解决方案,所以我考虑撰写这篇文章。
NGINX默认文件:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name mydomain.io www.mydomain.io;
ssl_certificate /home/myapp/ssl/myapp.crt;
ssl_certificate_key /home/myapp/ssl/myapp.key;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
我的应用代码:
const express = require("express");
//const http = require('http');
const https = require('https');
const helmet = require("helmet");
const cors = require("cors");
const fs = require("fs");
const path = require("path");
const app = express();
const config = require("./config");
const passport = require("passport");
const credentials = { key: fs.readFileSync('ssl/myapp.key','utf-8'),cert: fs.readFileSync('ssl/myapp.crt',ca: fs.readFileSync('ssl/myapp.ca-bundle','utf-8') };
app.use(helmet());
app.use(cors());
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(
require("express-session")({
secret: require("./config.json").app.secretKey,resave: false,saveUninitialized: true,cookie: {
secure: false,maxAge: 60 * 60 * 1000 * 24 * 365,},})
);
app.use(passport.initialize());
app.use(passport.session());
passport.use(require("./service/passport"));
app.set("view engine","ejs");
app.set("views",path.join(__dirname,"views"));
app.use(express.static(path.join(__dirname,"views")));
app.use('/',require('./api/home'));
app.use("/auth",require("./api/auth"));
app.use("/user",require("./api/user"));
app.get('/tos',(req,res)=>{
res.render('tos');
});
//var httpServer = http.createServer(app);
var httpsServer = https.createServer(credentials,app);
httpsServer.listen(config.app.port,'localhost',()=>{
console.log("App started on port:"+config.app.port);
});
我是nginx的新手,有人可以解释如何做吗?
解决方法
您的应用代码正在使用HTTPS运行,而NGINX是proxy_pass正在使用http:// localhost:3000。
要解决此问题,有两种方法:
- 使用https:// localhost:3000更新proxy_pass并重新启动NGINX
- 在APP级别使用HTTP代替HTTPS,然后重新启动应用程序
任何选项都可以解决该问题,最省力的方法是使用选项一。
,我有多个服务器分别在80和443上运行node.js应用程序。
我希望您使用我使用的配置-
server {
server_name yourdomain.com;
proxy_buffering off;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = yourdomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 0.0.0.0:80;
server_name yourdomain.com;
return 404; # managed by Certbot
}
我主要将Certbot用于我的SSL证书,您还可以使用其他任何内容!
,您无需更改应用程序中的任何内容并继续使用HTTP,Nginx将处理https请求并将HTTP重定向到您的应用程序。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。