0

我想通过 HTTPS 设置 SCM-Manager。我已经在 Debian 上进行了安装。我使用带有本地 IP 和 HTTP 的 SCM-Manager。Nginx 是代理并将请求转换为 HTTPS。

proxy_pass http://127.0.0.1:8080;
proxy_redirect http://127.0.0.1:8080 https://repo.mydomain.org;
proxy_set_header X-Forwarded-Proto https;
include /etc/nginx/proxy.conf;

这是单片机配置:

<base-url>https://repo.mydomain.org/</base-url>

server-config.xml => <Set name="contextPath">/scm</Set>
                  => <Set name="forwarded">true</Set>
                  => <SystemProperty name="jetty.host" default="127.0.0.1" />

一切正常,但是当我想查看差异或文件时出现错误。获取内容的 URL 仍然是 HTTP 而不是 HTTPS。以下是不同浏览器(Firefox、Chrome、IE)的输出:

从铬:

混合内容:“ https://repo.mydomain.org/#contentPanel;BQPsols4p3;null;trunk/init.php;content ”页面通过 HTTPS 加载,但请求了不安全的 XMLHttpRequest 端点“ http://repo. mydomain.org/api/rest/repositories/BQPsols4p3/content/?path=trunk/init.php&_dc=1470349149784 '。此请求已被阻止;内容必须通过 HTTPS 提供。

为什么系统尝试通过 HTTP 而不是 HTTPS 获取数据?

另一个小错误是该软件试图获取这种语言脚本,但它们在服务器上不存在。

/resources/moment/lang/fr.js
/resources/extjs/i18n/ext-lang-fr.js
/resources/js/i18n/fr.js
/resources/moment/lang/fr.js
/resources/extjs/i18n/ext-lang-fr.js
/resources/js/i18n/fr.js

如何删除这些404?

编辑

这是 Nginx 的完整配置:

user www-data;
#worker_processes auto;
worker_processes  4;
worker_rlimit_nofile  20480;
pid /run/nginx.pid;

events {
    worker_connections 8192;
    use epoll;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile off;
    tcp_nopush off;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    server_tokens off;

    client_body_timeout   60s;
    client_header_timeout 60s;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;
    gzip_disable "msie6";
    gzip_comp_level 1;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    ssl   off;

    upstream scm {
        server 127.0.0.1:8080;
    }

    ##
    # nginx-naxsi config
    ##
    # Uncomment it if you installed nginx-naxsi
    ##

    #include /etc/nginx/naxsi_core.rules;

    ##
    # Virtual Host Configs
    ##

     server {
           listen       80 default;
           server_name  _;
           #access_log  /var/log/nginx/host.access.log  main;

           location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|mov|swf|dcr)$ {
               root  /home/www/public_html;
               access_log   off;
               expires      30d;
           }

           location / {
               root  /home/www/public_html;
           }

           location ~ /\.ht {
               deny  all;
           }

           location /nginx_status {
               stub_status on;
               access_log off;
               allow 127.0.0.1;
               deny all;
           }
    }


    include /etc/nginx/sites-enabled/*;
}

启用站点(最新配置测试):

server {
    listen       80;
    server_name  repv.mydomain.org;

    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen       443 ssl;
    server_name  repv.mydomain.org;
    #access_log  /var/log/nginx/host.access.log  main;
    error_log /var/log/nginx/error.log;

    ssl on;
    ssl_certificate     /home/ssl/letsencrypt/live/repv.mydomain.org/fullchain.pem;
    ssl_certificate_key /home/ssl/letsencrypt/live/repv.mydomain.org/privkey.pem;

    ssl_stapling            on;
    ssl_stapling_verify     on;
    ssl_trusted_certificate /home/ssl/letsencrypt/live/repv.mydomain.org/fullchain.pem;

    ssl_ciphers               "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_session_cache         shared:SSL:10m;
    ssl_session_timeout       5m;
    ssl_dhparam               /home/ssl/private/dhparams.pem;

    location / {
        rewrite ^([^.]*[^/])$ http://$host$1/ permanent;

        proxy_pass http://scm;
        include /etc/nginx/proxy.conf;
        proxy_redirect http://scm https://repv.mydomain.org;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ctx "";
    }

}

和 proxy.conf :

proxy_redirect          off;
proxy_set_header        Host            $host;
proxy_set_header        X-Real-IP       $remote_addr;
proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header       X-Powered-By;
client_max_body_size        20m;
client_body_buffer_size     1024k;
send_timeout                90;
proxy_connect_timeout       90;
proxy_send_timeout          90;
proxy_read_timeout          90;
proxy_buffer_size           16k;
proxy_buffers               8 32k;
proxy_busy_buffers_size     64k;
proxy_temp_file_write_size  64k;
proxy_buffering             on;
proxy_http_version          1.1;

编辑 2

我试图切换到 HTTP。但我有同样的问题。当我想查看文件或差异时,我收到消息“找不到资源”。原因是被调用的 ajax 资源返回 404 错误,没有内容。

示例:“ http://repo.mydomain.org/api/rest/repositories/BQPsols4p3/content/?path=trunk/init.php&revision=30&_dc=1472061397498 ”返回 404...;原始视图“ http://repo.mydomain.org/api/rest/repositories/BQPsols4p3/content/?path=trunk/init.php&revision=30 ”返回404。

你能帮我找出问题吗?

谢谢您的帮助,

斯蒂芬妮

4

1 回答 1

0

我找到了让所有堆栈工作的方法。

首先,我从 Nginx 中删除了该行:

rewrite ^([^.]*[^/])$ http://$host$1/ permanent;

接下来,我使用“chown -Rc scm:scm /home/local/svn”更改了我的 SVN 文件“/home/local/svn”的权限。

最后,当我从旧的 SVN 服务器 1.6 迁移时,我在 SCM Manager 中激活了 Pre 1.6 选项(不要忘记重新启动服务器)。

现在一切正常!

希望这对某人有帮助:)

于 2016-08-25T09:19:17.827 回答