V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
V2EX 提问指南
wayne3602
V2EX  ›  问与答

求教 nginx 配置文件

  •  
  •   wayne3602 · 2023-05-15 21:29:44 +08:00 · 1059 次点击
    这是一个创建于 592 天前的主题,其中的信息可能已经有所发展或是发生改变。

    用手中的 vps 跟着不良林的视频搭建了一个节点,假如现在 nginx 的配置文件是这样的

    user www-data;
    worker_processes auto;
    pid /run/nginx.pid;
    include /etc/nginx/modules-enabled/*.conf;
    
    events {
        worker_connections 1024;
    }
    
    http {
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
    
        include /etc/nginx/mime.types;
        default_type application/octet-stream;
        gzip on;
    
        server {
            listen 443 ssl;
            
            server_name nicename.co;  #你的域名
            ssl_certificate       /etc/x-ui/server.crt;  #证书位置
            ssl_certificate_key   /etc/x-ui/server.key; #私钥位置
            
            ssl_session_timeout 1d;
            ssl_session_cache shared:MozSSL:10m;
            ssl_session_tickets off;
            ssl_protocols    TLSv1.2 TLSv1.3;
            ssl_prefer_server_ciphers off;
    
            location / {
                proxy_pass https://bing.com; #伪装网址
                proxy_redirect off;
                proxy_ssl_server_name on;
                sub_filter_once off;
                sub_filter "bing.com" $server_name;
                proxy_set_header Host "bing.com";
                proxy_set_header Referer $http_referer;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header User-Agent $http_user_agent;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto https;
                proxy_set_header Accept-Encoding "";
                proxy_set_header Accept-Language "zh-CN";
            }
    
    
            location /ray {   #分流路径
                proxy_redirect off;
                proxy_pass http://127.0.0.1:10000; #Xray 端口
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            }
            
            location /xui {   #xui 路径
                proxy_redirect off;
                proxy_pass http://127.0.0.1:9999;  #xui 监听端口
                proxy_http_version 1.1;
                proxy_set_header Host $host;
            }
        }
    
        server {
            listen 80;
            location /.well-known/ {
                   root /var/www/html;
                }
            location / {
                    rewrite ^(.*)$ https://$host$1 permanent;
                }
        }
    }
    

    现在我还想安装一个 docker 项目,假如这个 docker 将占用端口6666,我将使用域名pl.help.me
    那么我如何修改 nginx.conf 文件,让该域名对应 6666 端口并为该域名申请 ssl 证书
    小白一枚,只会用 nginx-proxy-manager 来反向代理,一直不会使用 nginx 配置文件来反向代理,恳请各位教一下❤😢

    9 条回复    2023-05-16 15:12:28 +08:00
    icoming
        1
    icoming  
       2023-05-15 21:35:20 +08:00   ❤️ 1
    server {
    listen 80;
    listen 443 ssl;
    server_name pl.help.me;

    # http 强制跳转 https
    if ($scheme = http ) {
    return 301 https://$host$request_uri;
    }

    location / {
    proxy_redirect off;
    proxy_pass http://127.0.0.1:6666;

    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Range $http_range;
    proxy_set_header If-Range $http_if_range;
    }
    }
    wayne3602
        2
    wayne3602  
    OP
       2023-05-15 21:40:23 +08:00
    @icoming 谢谢谢谢谢,问一下,如果我申请了 ssl 证书,怎么指定证书位置呢?还是说不需要指定
    icoming
        3
    icoming  
       2023-05-15 21:48:55 +08:00
    @wayne3602 照你主题中的配置,放证书、私钥就行了。另外像 certbot 生成证书时可以选择让程序完成这个操作。
    wayne3602
        4
    wayne3602  
    OP
       2023-05-15 21:52:39 +08:00
    @icoming 意思是在 server_name 下面这样指定嘛?
    ```
    ssl_certificate 证书位置
    ssl_certificate_key 私钥位置
    ```
    icoming
        5
    icoming  
       2023-05-15 21:58:00 +08:00
    @wayne3602 是的
    wayne3602
        6
    wayne3602  
    OP
       2023-05-15 22:39:42 +08:00
    @icoming Job for nginx.service failed.
    See "systemctl status nginx.service" and "journalctl -xeu nginx.service" for details.
    555 失败了,我是这样配置的
    #cloudeve
    server {
    listen 80;
    listen 443 ssl;
    server_name cloud.waynet.top;
    ssl_certificate /etc/cloudreve/server.crt
    ssl_certificate_key /etc/cloudreve/server.key

    # http 强制跳转 https
    if ($scheme = http ) {
    return 301 https://$host$request_uri;
    }

    location / {
    proxy_redirect off;
    proxy_pass http://127.0.0.1:1234;

    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Range $http_range;
    proxy_set_header If-Range $http_if_range;
    }
    }
    wayne3602
        7
    wayne3602  
    OP
       2023-05-15 22:47:31 +08:00
    @icoming 找到错误啦,少加了分号;
    linyongqianglal
        8
    linyongqianglal  
       2023-05-16 11:30:26 +08:00
    老实说我到现在也弄不明白 nginx ,都是 Ctrl C + Ctrl V
    wayne3602
        9
    wayne3602  
    OP
       2023-05-16 15:12:28 +08:00 via Android
    @linyongqianglal 我也一样,不过我是用 npm ,连复制粘贴都不用🤣
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2687 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 85ms · UTC 03:57 · PVG 11:57 · LAX 19:57 · JFK 22:57
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.