Nginx
HaProxy 邊緣重定向到某些 URI 模式的代理埠(而不是代理)
我正在嘗試使用 HaProxy 作為我的邊緣網路伺服器,使用 Nginx 作為我在 localhost:9180 上執行的主要應用程序伺服器,正常的代理行為在 domain.com 上執行良好(它只是按預期顯示來自 domain.com 的 :9180 的輸出) , domain.com/subdir/index.php 也是如此 - 但 domain.com/subdir 出於某種原因重定向到 domain.com:9180/subdir - 這是 haproxy 的一些預設行為嗎?我在任何地方都找不到真正描述這種行為的任何東西,這可能是我的 Nginx 配置的一個方面……
可能相關的是,HaProxy 將所有來自 domain.com:443 的流量盲目地傳遞給 Nginx(因此稍後它將傳遞 domain1.com domain2.com domain3.com - 等等),然後由 Nginx 處理域區分和應用程序邏輯每個域的基礎(下面的配置)。我還意識到省略了一些預設配置細節,我仍處於早期階段,所以這在某種程度上是一個原始的概念證明。
HaProxy 配置:
global tune.ssl.default-dh-param 2048 frontend localhost bind *:80 bind *:443 ssl crt /etc/ssl/haproxy_certs/pem/ no-sslv3 no-tlsv10 no-tlsv11 ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA mode http http-request redirect scheme https unless { ssl_fc } default_backend localhost backend localhost balance roundrobin mode http server localhost 127.0.0.1:8180 check
Nginx 配置:
server { listen 8180; server_name domain.com; root /var/www/web/domain_com; index index.php index.html; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { fastcgi_index index.php; try_files $uri =404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass 127.0.0.1:9000; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }
編輯:
PHP-FPM 配置:
(有人建議它可能是相關的)
;;;;;;;;;;;;;;;;;;;;; ; FPM Configuration ; ;;;;;;;;;;;;;;;;;;;;; ; All relative paths in this configuration file are relative to PHP's install ; prefix. ; Include one or more files. If glob(3) exists, it is used to include a bunch of ; files from a glob(3) pattern. This directive can be used everywhere in the ; file. include=/etc/php-fpm.d/*.conf ;;;;;;;;;;;;;;;;;; ; Global Options ; ;;;;;;;;;;;;;;;;;; [global] ; Pid file ; Default Value: none pid = /run/php-fpm/php-fpm.pid ; Error log file ; If it's set to "syslog", log is sent to syslogd instead of being written ; in a local file. ; Default Value: /var/log/php-fpm.log error_log = /var/log/php-fpm/error.log ; syslog_facility is used to specify what type of program is logging the ; message. This lets syslogd specify that messages from different facilities ; will be handled differently. ; See syslog(3) for possible values (ex daemon equiv LOG_DAEMON) ; Default Value: daemon ;syslog.facility = daemon ; syslog_ident is prepended to every message. If you have multiple FPM ; instances running on the same server, you can change the default value ; which must suit common needs. ; Default Value: php-fpm ;syslog.ident = php-fpm ; Log level ; Possible Values: alert, error, warning, notice, debug ; Default Value: notice ;log_level = notice ; Log limit on number of characters in the single line (log entry). If the ; line is over the limit, it is wrapped on multiple lines. The limit is for ; all logged characters including message prefix and suffix if present. However ; the new line character does not count into it as it is present only when ; logging to a file descriptor. It means the new line character is not present ; when logging to syslog. ; Default Value: 1024 ;log_limit = 4096 ; Log buffering specifies if the log line is buffered which means that the ; line is written in a single write operation. If the value is false, then the ; data is written directly into the file descriptor. It is an experimental ; option that can potentionaly improve logging performance and memory usage ; for some heavy logging scenarios. This option is ignored if logging to syslog ; as it has to be always buffered. ; Default value: yes ;log_buffering = no ; If this number of child processes exit with SIGSEGV or SIGBUS within the time ; interval set by emergency_restart_interval then FPM will restart. A value ; of '0' means 'Off'. ; Default Value: 0 ;emergency_restart_threshold = 0 ; Interval of time used by emergency_restart_interval to determine when ; a graceful restart will be initiated. This can be useful to work around ; accidental corruptions in an accelerator's shared memory. ; Available Units: s(econds), m(inutes), h(ours), or d(ays) ; Default Unit: seconds ; Default Value: 0 ;emergency_restart_interval = 0 ; Time limit for child processes to wait for a reaction on signals from master. ; Available units: s(econds), m(inutes), h(ours), or d(ays) ; Default Unit: seconds ; Default Value: 0 ;process_control_timeout = 0 ; The maximum number of processes FPM will fork. This has been designed to control ; the global number of processes when using dynamic PM within a lot of pools. ; Use it with caution. ; Note: A value of 0 indicates no limit ; Default Value: 0 ;process.max = 128 ; Specify the nice(2) priority to apply to the master process (only if set) ; The value can vary from -19 (highest priority) to 20 (lowest priority) ; Note: - It will only work if the FPM master process is launched as root ; - The pool process will inherit the master process priority ; unless specified otherwise ; Default Value: no set ;process.priority = -19 ; Send FPM to background. Set to 'no' to keep FPM in foreground for debugging. ; Default Value: yes daemonize = yes ; Set open file descriptor rlimit for the master process. ; Default Value: system defined value ;rlimit_files = 1024 ; Set max core size rlimit for the master process. ; Possible Values: 'unlimited' or an integer greater or equal to 0 ; Default Value: system defined value ;rlimit_core = 0 ; Specify the event mechanism FPM will use. The following is available: ; - select (any POSIX os) ; - poll (any POSIX os) ; - epoll (linux >= 2.5.44) ; Default Value: not set (auto detection) ;events.mechanism = epoll ; When FPM is built with systemd integration, specify the interval, ; in seconds, between health report notification to systemd. ; Set to 0 to disable. ; Available Units: s(econds), m(inutes), h(ours) ; Default Unit: seconds ; Default value: 10 ;systemd_interval = 10 ;;;;;;;;;;;;;;;;;;;; ; Pool Definitions ; ;;;;;;;;;;;;;;;;;;;; ; Multiple pools of child processes may be started with different listening ; ports and different management options. The name of the pool will be ; used in logs and stats. There is no limitation on the number of pools which ; FPM can handle. Your system will tell you anyway :) ; See /etc/php-fpm.d/*.conf
請將此指令添加到您的 nginx 伺服器配置中:
port_in_redirect off;