如何解决Nginx代理通行证...什么都没有?
使用Ubuntu Server 20.04,nginx / 1.18.0(Ubuntu)。
出于价值,我试图设置具有远程访问功能的Jellyfin。我也在使用动态域名。我已经使用类似的ish设置完全启动并运行了nextcloud服务。我还希望可以远程访问服务器。
访问域名时,只需将我带到NGINX欢迎页面。我已从启用站点的网站上删除了该文件,并禁用了default.conf侦听标签(并将文件重命名为default.conf.bak)
本质上应该发生的是,当我输入域名时,它应该自动重定向到正确的端口。不是。
我可以使用IP地址和jellyfin的端口访问服务器。但是使用域名或ip地址只会为我显示欢迎屏幕。我主要是在使用域名,因为我还有使用端口80的其他服务。
我可以通过端口的本地IP访问Jellyfin站点。
我尝试了其他技巧,包括编辑主机文件以确保域名链接到127.0.0.1,但是我的工作有点茫然。
访问或错误日志中没有任何内容。
我还检查了nginx.conf是否有任何服务器块,没有。这是我正在使用的文件...(实际上是Jellyfin网站上的复制粘贴)。
server {
listen 80;
listen [::]:80;
server_name (scrambled).ydns.eu;
access_log /var/log/nginx/reverseaccess.log;
error_log /var/log/nginx/reverseerror.log;
# use a variable to store the upstream proxy
# in this example we are using a hostname which is resolved via DNS
# (if you aren't using DNS remove the resolver line and change the variable to point to an IP address e.g `set $>
#Security / XSS Mitigation Headers
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
# Content Security Policy
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
# Enforces https content and restricts JS/CSS to origin
# External Javascript (such as cast_sender.js for Chromecast) must be whitelisted.
#add_header Content-Security-Policy "default-src https: data: blob:; style-src 'self' 'unsafe-inline'; script-sr>
location / {
# Proxy main Jellyfin traffic
proxy_pass http://127.0.0.1:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
# location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/inde>
# location ~ ^/web/$ {
# # Proxy main Jellyfin traffic
# proxy_pass http://127.0.0.1:8096/web/index.html/;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-Forwarded-Protocol $scheme;
# proxy_set_header X-Forwarded-Host $http_host;
# }
location /socket {
# Proxy Jellyfin Websockets traffic
proxy_pass http://127.0.0.1:8096/socket/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
}
解决方法
好的,关键是这里涉及两台机器。因此,转发未按预期进行。我认为它需要重定向而不是简单的传递,并且不会发生对端口80的监听。路由器不知道应该将信息发送到哪里。
安装了Jellyfin的一个关键问题是,似乎主机上不需要conf文件,因为它目前应该在8080上侦听,但Jellyfin在8096上侦听。
如果有人愿意提出自己的专家意见以填补空白,将不胜感激。谢谢大家的帮助。
无论如何,以下是我的反向代理配置文件...
# Reverse proxy on forwarding machine.
server {
server_name domainname.eu;
# Not sure if this is required,it's purpose was to see where /
# the nginx page was being served from it wasn't the client as thought.
root /usr/share/nginx/test;
location / {
proxy_pass http://192.168.1.2:8096$request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect http://192.168.1.2:8096$request_uri http://domainname.eu;
}
# The certbot action has to be done on the forwarding machine not \
# the hosting machine. Any attempt to run it on the host fails. \
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domainname.eu/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domainname.eu/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
add_header Strict-Transport-Security "max-age=31536000" always; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/domainname.eu/chain.pem; # managed by Certbot
ssl_stapling on; # managed by Certbot
ssl_stapling_verify on; # managed by Certbot
}
server {
if ($host = domainname.eu) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name domainname.eu;
root /usr/share/nginx/test;
location / {
proxy_pass http://192.168.1.2:8096$request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect http://192.168.1.2:8096$request_uri http://domainname.eu;
}
}
希望它能在将来对某人有所帮助。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。