帶有 SSL 的 Nginx PM2 NodeJS 反向代理提供 HTTP 504
曾幾何時,我對三個NodeJs進行了很好的配置,socket.io API 在同一個Ubuntu 16.4 LTS VPS伺服器上執行, PM2用於程序管理,Nginx用於三個不同子域的反向代理。
我成功安裝了來自Let’s encrypt的****SSL證書,所有子域都來自同一個域(比如說 exemple.com),應該重定向到 https。
一旦我嘗試為非 NodeJs 應用程序(PHP/laravel)添加第四個子域,反向代理就不再傳遞,不幸的是我沒有舊 Nginx 配置的備份。
現在,我正試圖恢復我的 VPS 與三個舊 NodeJs 應用程序的和諧,但它給了我來自Nginx****的 504 Gateway Time-out。
這是我的配置,我認為是相同的舊配置:
此配置在 chrome 上執行良好,但我正在嘗試從移動和桌面應用程序訪問我的 API。
# HTTP — redirect all traffic to HTTPS server { listen 80; listen [::]:80 default_server ipv6only=on; return 301 https://$host$request_uri; } # App1 from port 3000 to sub1.exemple.com server { # Enable HTTP/2 listen 443 ssl http2; listen [::]:443 ssl http2; server_name sub1.exemple.com; # Use the Let’s Encrypt certificates ssl_certificate /etc/letsencrypt/live/sub1.exemple.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/sub1.exemple.com/privkey.pem; # Include the SSL configuration from cipherli.st include snippets/ssl-params.conf; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-NginX-Proxy true; proxy_ssl_session_reuse off; proxy_set_header Host $http_host; proxy_cache_bypass $http_upgrade; proxy_pass http://localhost:3000/; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } # App2 from port 4000 to sub2.exemple.com server { # Enable HTTP/2 listen 443 ssl http2; listen [::]:443 ssl http2; server_name sub2.exemple.com; # Use the Let’s Encrypt certificates ssl_certificate /etc/letsencrypt/live/sub2.exemple.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/sub2.exemple.com/privkey.pem; # Include the SSL configuration from cipherli.st include snippets/ssl-params.conf; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-NginX-Proxy true; proxy_ssl_session_reuse off; proxy_set_header Host $http_host; proxy_cache_bypass $http_upgrade; proxy_pass http://localhost:4000/; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } # App2 from port 5000 to sub3.exemple.com server { # Enable HTTP/2 listen 443 ssl http2; listen [::]:443 ssl http2; server_name sub3.exemple.com; # Use the Let’s Encrypt certificates ssl_certificate /etc/letsencrypt/live/sub3.exemple.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/sub3.exemple.com/privkey.pem; # Include the SSL configuration from cipherli.st include snippets/ssl-params.conf; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-NginX-Proxy true; proxy_ssl_session_reuse off; proxy_set_header Host $http_host; proxy_cache_bypass $http_upgrade; proxy_pass http://localhost:5000/; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } }更新以獲取更多資訊。
Nginx、NodeJs 和 PM2 沒有給出任何錯誤。日誌很乾淨。這是我在檢查請求時得到的。
它在套接字請求時成功:(兩者
wss://&https://)
當其他人請求時失敗:
我還想提一下,每個子都安裝了 SSL,並且應用程序穩定並且在本地伺服器上執行沒有任何問題。
我發現了問題所在,不是 Nginx,不是 PM2,不是 Nodejs ,也不是SSL,都在我部署的應用程序中。Mongodb程序中的一個問題使他沒有自動啟動。因此,應用程序接受第一個請求,因為它不需要數據庫干預,並在超時後拒絕登錄請求,因為應用程序已經崩潰但 PM2 重新啟動它並且 Nginx 保持子域對請求開放。
**FF:**所以如果你經過這裡,你可能需要檢查你的應用環境。例如:SGBD、R/W 權限、API…
希望這可以幫助任何有類似問題的人。
嘗試添加
proxy_set_header X-Forwarded-Proto $scheme;內部位置塊