Linux
在 Nginx 上安裝 Matomo 返回 502 Bad Gateway 錯誤
我正在我的 Debian 10 伺服器上安裝Matomo Analytics平台,執行 Nginx 並使用 Cloudflare DNS 和 CDN。不幸的是,我在嘗試訪問它時收到502 Bad Gateway錯誤,表明該錯誤出在主機上。
按照 Matomo 的安裝指南,我安裝了下載最新版本的依賴
/var/www
項並將其解壓縮到:# wget https://builds.matomo.org/matomo.zip && unzip matomo.zip
然後我將他們的Nginx 配置範例複製到
/etc/nginx/sites-available
,將其連結到/etc/nginx/sites-enabled
並修改設置以適合我的情況,如下所述:server { listen [::]:80; # remove this if you don't want Matomo to be reachable from IPv6 listen 80; server_name matomo.andy-sb.com; # Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response. location / { return 301 https://$host$request_uri; } } server { listen [::]:443 ssl http2; # remove this if you don't want Matomo to be reachable from IPv6 listen 443 ssl http2; server_name matomo.andy-sb.com; # list all domains Matomo should be reachable from access_log /var/log/nginx/matomo.access.log; error_log /var/log/nginx/matomo.error.log; ## uncomment if you want to enable HSTS with 6 months cache ## ATTENTION: Be sure you know the implications of this change (you won't be able to disable HTTPS anymore) #add_header Strict-Transport-Security max-age=15768000 always; ## replace with your SSL certificate ssl_certificate /etc/letsencrypt/live/matomo.andy-sb.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/matomo.andy-sb.com/privkey.pem; include ssl.conf; # if you want to support older browsers, please read through this file add_header Referrer-Policy origin always; # make sure outgoing links don't show the URL to the Matomo instance add_header X-Content-Type-Options "nosniff" always; add_header X-XSS-Protection "1; mode=block" always; root /var/www/matomo/; # replace with path to your matomo instance index index.php; ## only allow accessing the following php files location ~ ^/(index|matomo|piwik|js/index|plugins/HeatmapSessionRecording/configs)\.php { include snippets/fastcgi-php.conf; # if your Nginx setup doesn't come with a default fastcgi-php config, you can fetch it from https://github.com/nginx/nginx/blob/master/conf/fastcgi.conf #try_files $fastcgi_script_name =404; # protects against CVE-2019-11043. If this line is already included in your snippets/fastcgi-php.conf you can comment it here. fastcgi_param HTTP_PROXY ""; # prohibit httpoxy: https://httpoxy.org/ fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; #replace with the path to your PHP socket file #fastcgi_pass 127.0.0.1:9000; # uncomment if you are using PHP via TCP sockets (e.g. Docker container) } ## deny access to all other .php files location ~* ^.+\.php$ { deny all; return 403; } ## serve all other files normally location / { try_files $uri $uri/ =404; } ## disable all access to the following directories location ~ ^/(config|tmp|core|lang) { deny all; return 403; # replace with 404 to not show these directories exist } location ~ /\.ht { deny all; return 403; } location ~ js/container_.*_preview\.js$ { expires off; add_header Cache-Control 'private, no-cache, no-store'; } location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ { allow all; ## Cache images,CSS,JS and webfonts for an hour ## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade expires 1h; add_header Pragma public; add_header Cache-Control "public"; } location ~ ^/(libs|vendor|plugins|misc/user|node_modules) { deny all; return 403; } ## properly display textfiles in root directory location ~/(.*\.md|LEGALNOTICE|LICENSE) { default_type text/plain; } }
SSL證書有效,執行
nginx -t
不返回任何錯誤,也不執行systemctl restart nginx
重啟Nginx。我已經使用Cloudflare DNS創建了 A 和 AAAA 記錄。
你需要按照這裡所說的去做:
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; #replace with the path to your PHP socket file