Nginx

nginx 預設為 /usr/share/nginx/html 而不是轉到根目錄中指定的文件夾

  • September 15, 2021

我正在使用letsencrypt,為使用nginx和gunicorn在生產模式下託管的django項目設置ssl

正在使用的作業系統(作業系統)是:amazon Linux 2

每當我嘗試執行伺服器時,我都會不斷獲得 amazon Linux 2 預設頁面,當我檢查錯誤日誌時,我會收到以下錯誤:

2021/09/11 11:59:14 [error] 18402#18402: *1961 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 122.174.182.129, server: example.com, request: "GET /favicon.ico HTTP/2.0", host: "www.example.com", referrer: "https://www.example.com/"

輸出sudo nginx -T

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
   worker_connections 1024;
}
http {
   log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                     '$status $body_bytes_sent "$http_referer" '
                     '"$http_user_agent" "$http_x_forwarded_for"';

   access_log  /var/log/nginx/access.log  main;

   sendfile            on;
   tcp_nopush          on;
   tcp_nodelay         on;
   keepalive_timeout   65;
   types_hash_max_size 4096;

   include             /etc/nginx/mime.types;
   default_type        application/octet-stream;

   # Load modular configuration files from the /etc/nginx/conf.d directory.
   # See http://nginx.org/en/docs/ngx_core_module.html#include
   # for more information.
   include /etc/nginx/conf.d/*.conf;
   server {

   #if ($host = www.example.com) {
   #    return 301 https://$host$request_uri;
   #} # managed by Certbot
  #
  # if ($host = example.com) {
  #     return 301 https://$host$request_uri;
  # } # managed by Certbot


   listen 80;
   server_name example.com www.example.com;
   root /home/ec2-user/buisness;
   if ($host = www.example.com) {
       return 301 https://$host$request_uri;
   } # managed by Certbot

   if ($host = example.com) {
       return 301 https://$host$request_uri;
   } # managed by Certbot
   location = /favicon.ico { access_log off; log_not_found off; }

   location /static {
       root /home/ec2-user/buisness;
   }

   location / {
       proxy_set_header Host $http_host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://unix:/home/ec2-user/buisness/buisness.sock;
   }

}

 #  server {
  #     listen       80;
   #    listen       [::]:80;
    #   server_name  _;
    #   root         /home/ec2-user/buisness;

       # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#       error_page 404 /404.html;
 #      location = /404.html {
  #     }

   #    error_page 500 502 503 504 /50x.html;
    #   location = /50x.html {
     #  }
   #}

# Settings for a TLS enabled server.

   server {
       listen       443 ssl http2;
       listen       [::]:443 ssl http2;
       server_name  example.com www.example.com;
       root         /home/ec2-user/buisness/;


       ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
       ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
       ssl_session_cache shared:SSL:1m;
       ssl_session_timeout  10m;
       ssl_ciphers HIGH:!aNULL:!MD5;
       ssl_prefer_server_ciphers on;

       # Load configuration files for the default server block.
       include /etc/nginx/default.d/*.conf;
       error_page 404 /404.html;
           location = /40x.html {
       }

      error_page 500 502 503 504 /50x.html;
           location = /50x.html {
       }
}

}


# configuration file /etc/nginx/mime.types:

types {
   text/html                                        html htm shtml;
   text/css                                         css;
   text/xml                                         xml;
   image/gif                                        gif;
   image/jpeg                                       jpeg jpg;
   application/javascript                           js;
   application/atom+xml                             atom;
   application/rss+xml                              rss;

   text/mathml                                      mml;
   text/plain                                       txt;
   text/vnd.sun.j2me.app-descriptor                 jad;
   text/vnd.wap.wml                                 wml;
   text/x-component                                 htc;

   image/png                                        png;
   image/svg+xml                                    svg svgz;
   image/tiff                                       tif tiff;
   image/vnd.wap.wbmp                               wbmp;
   image/webp                                       webp;
   image/x-icon                                     ico;
   image/x-jng                                      jng;
   image/x-ms-bmp                                   bmp;

   font/woff                                        woff;
   font/woff2                                       woff2;

   application/java-archive                         jar war ear;
   application/json                                 json;
   application/mac-binhex40                         hqx;
   application/msword                               doc;
   application/pdf                                  pdf;
   application/postscript                           ps eps ai;
   application/rtf                                  rtf;
   application/vnd.apple.mpegurl                    m3u8;
   application/vnd.google-earth.kml+xml             kml;
   application/vnd.google-earth.kmz                 kmz;
   application/vnd.ms-excel                         xls;
   application/vnd.ms-fontobject                    eot;
   application/vnd.ms-powerpoint                    ppt;
   application/vnd.oasis.opendocument.graphics      odg;
   application/vnd.oasis.opendocument.presentation  odp;
   application/vnd.oasis.opendocument.spreadsheet   ods;
   application/vnd.oasis.opendocument.text          odt;
   application/vnd.openxmlformats-officedocument.presentationml.presentation
                                                    pptx;
   application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
                                                    xlsx;
   application/vnd.openxmlformats-officedocument.wordprocessingml.document
                                                    docx;
   application/vnd.wap.wmlc                         wmlc;
   application/x-7z-compressed                      7z;
   application/x-cocoa                              cco;
   application/x-java-archive-diff                  jardiff;
   application/x-java-jnlp-file                     jnlp;
   application/x-makeself                           run;
   application/x-perl                               pl pm;
   application/x-pilot                              prc pdb;
   application/x-rar-compressed                     rar;
   application/x-redhat-package-manager             rpm;
   application/x-sea                                sea;
   application/x-shockwave-flash                    swf;
   application/x-stuffit                            sit;
   application/x-tcl                                tcl tk;
   application/x-x509-ca-cert                       der pem crt;
   application/x-xpinstall                          xpi;
   application/xhtml+xml                            xhtml;
   application/xspf+xml                             xspf;
   application/zip                                  zip;

   application/octet-stream                         bin exe dll;
   application/octet-stream                         deb;
   application/octet-stream                         dmg;
   application/octet-stream                         iso img;
   application/octet-stream                         msi msp msm;

   audio/midi                                       mid midi kar;
   audio/mpeg                                       mp3;
   audio/ogg                                        ogg;
   audio/x-m4a                                      m4a;
   audio/x-realaudio                                ra;

   video/3gpp                                       3gpp 3gp;
   video/mp2t                                       ts;
   video/mp4                                        mp4;
   video/mpeg                                       mpeg mpg;
   video/quicktime                                  mov;
   video/webm                                       webm;
   video/x-flv                                      flv;
   video/x-m4v                                      m4v;
   video/x-mng                                      mng;
   video/x-ms-asf                                   asx asf;
   video/x-ms-wmv                                   wmv;
   video/x-msvideo                                  avi;
}

當我執行時sudo nginx -t:我沒有收到任何錯誤

PS:這是我第一次使用letsencrypt和nginx託管ssl,所以如果.conf文件看起來非常集群,我並不抱歉。

任何幫助將不勝感激,謝謝!

好的,所以我解決了

簡短的回答:您需要將伺服器塊 80 中包含的規則添加到 443 伺服器塊

長答案:我的 nginx.conf 文件:

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
   worker_connections 1024;
}
http {
   log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                     '$status $body_bytes_sent "$http_referer" '
                     '"$http_user_agent" "$http_x_forwarded_for"';

   access_log  /var/log/nginx/access.log  main;

   sendfile            on;
   tcp_nopush          on;
   tcp_nodelay         on;
   keepalive_timeout   65;
   types_hash_max_size 4096;

   include             /etc/nginx/mime.types;
   default_type        application/octet-stream;

   # Load modular configuration files from the /etc/nginx/conf.d directory.
   # See http://nginx.org/en/docs/ngx_core_module.html#include
   # for more information.
   include /etc/nginx/conf.d/*.conf;
   server {

   listen 80;
   server_name example.com www.example.com;
   root /home/ec2-user/buisness;
   if ($host = www.example.com) {
       return 301 https://$server_name$request_uri;
   } # managed by Certbot

   if ($host = example.com) {
       return 301 https://$server_name$request_uri;
   } # managed by Certbot
   location = /favicon.ico { access_log off; log_not_found off; }

   location /static {
       root /home/ec2-user/buisness;
   }


   location / {
       proxy_set_header Host $http_host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://unix:/home/ec2-user/buisness/buisness.sock;
   }

}



# Settings for a TLS enabled server.

   server {
       listen       443 ssl http2;
       listen       [::]:443 ssl http2;
       server_name  www.example.com example.com;


       ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
       ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
       ssl_session_cache shared:SSL:1m;
       ssl_session_timeout  10m;
       ssl_ciphers HIGH:!aNULL:!MD5;
       ssl_prefer_server_ciphers on;

       # Load configuration files for the default server block.
       #include /etc/nginx/default.d/*.conf;
       include /etc/nginx/conf.d/*.conf;
      # include /home/ec2-user/buisness/Main;

   location = /favicon.ico { access_log off; log_not_found off; }

   location /static {
       root /home/ec2-user/buisness;
   }

   location / {
       proxy_set_header Host $http_host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://unix:/home/ec2-user/buisness/buisness.sock;
   }
}
}

提到的規則是:

location = /favicon.ico { access_log off; log_not_found off; }

   location /static {
       root /home/ec2-user/buisness;
   }


   location / {
       proxy_set_header Host $http_host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_pass http://unix:/home/ec2-user/buisness/buisness.sock;
   }

更改.conf文件後,執行以下步驟:

  1. sudo nginx -t:這將確認您的文件是否存在任何語法錯誤
  2. sudo systemctl restart nginx:這將更新您的 nginx

對未來讀者的幾個警告:

  1. 檢查您的根路徑是否確實存在
  2. 根據您的.sock文件所在的位置更改您的代理通行證

從數字海洋向鮑比(bobbyiliev)大喊 - 他幫我解決了這個問題

還請查看 mod 評論中連結的聊天,以了解 建議的改進nikita,並感謝您Michael Hampton

關於數字海洋的問題連結:問題

引用自:https://serverfault.com/questions/1077282