5

我正在尝试在 https 上使用 Uppy 设置 tusd,但没有成功。它在http上运行良好。

这是我的 nginx 配置文件:

server {
  listen 80;
  listen[::]: 80;
  server_name
  DOMAIN.com
  www.DOMAIN.com;

  root / srv / users / DOMAIN / apps / DOMAIN / public;

  access_log / srv / users / DOMAIN / log / DOMAIN / DOMAIN_nginx.access.log main;
  error_log / srv / users / DOMAIN / log / DOMAIN / DOMAIN_nginx.error.log;

  proxy_set_header Host $host;
  proxy_set_header X - Real - IP $remote_addr;
  proxy_set_header X - Forwarded - For $proxy_add_x_forwarded_for;

  include / etc / nginx - sp / vhosts.d / DOMAIN.d
  /*.nonssl_conf;
      include /etc/nginx-sp/vhosts.d/DOMAIN.d/*.conf;
  }

  server {
      listen       443 ssl http2;
      listen       [::]:443 ssl http2;
      server_name
          DOMAIN.com
          www.DOMAIN.com
        ;

      ssl_certificate_key      ssl/DOMAIN.key;
      ssl_certificate          ssl/DOMAIN.combined_crt;

      root   /srv/users/DOMAIN/apps/DOMAIN/public;

      access_log  /srv/users/DOMAIN/log/DOMAIN/DOMAIN_nginx.access_ssl.log  main;
      error_log  /srv/users/DOMAIN/log/DOMAIN/DOMAIN_nginx.error_ssl.log;

      proxy_set_header    Host              $host;
      proxy_set_header    X-Real-IP         $remote_addr;
      proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header    X-Forwarded-SSL   on;
      proxy_set_header    X-Forwarded-Proto $scheme;

      include /etc/nginx-sp/vhosts.d/DOMAIN.d/*.ssl_conf;
      include /etc/nginx-sp/vhosts.d/DOMAIN.d/*.conf;


  location /files/ {
        #resolver 8.8.8.8 4.2.2.2;

        proxy_pass  http://localhost:3020/files;   
        proxy_set_header Host $host; 
        proxy_set_header X-Real-IP $remote_addr;    

        # Disable request and response buffering    
        proxy_request_buffering  off;               
        proxy_buffering          off;                
        proxy_http_version       1.1;                 

        # Add X-Forwarded-* headers so that response can reference https and
        # originating host:port                                                     
        proxy_set_header X-Forwarded-Host $hostname;                       
        proxy_set_header X-Forwarded-Proto $scheme;                                
        proxy_set_header X-Forwarded-Proto https;      
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;            

        # Allow proxying of websockets if required               
        proxy_set_header         Upgrade $http_upgrade;         
        proxy_set_header         Connection "upgrade";        
        client_max_body_size     0;  
    }
  }

在另一个 conf 文件中,我有这个额外的配置:

location / {
    proxy_pass      $backend_protocol://$backend_host:$backend_port;
}

在 Chrome 控制台我有以下输出:

upload.js:2 OPTIONS https://DOMAIN/files/2b775a112504ed1222c6ffdd4fbdac03+Dc99JI0Zvgh54FXVfpp5K32GAiZBjV5bY-d9tzj8fDL1FxNKKZrHP_SBE6OERG8SWAm1ZjqtjYMVWSvWCQLba0qsR8krfVBYw8ApHqIBO7DG9Bn1t_tv_a6nuuTuqlXC net::ERR_NAME_NOT_RESOLVED

注意没有 .com 扩展名的域!

我尝试了所有配置组合,但没有成功注释配置行。你能发现错误吗?

4

3 回答 3

1

承包商为我解决了这个问题,解决方案很简洁。他这样做了,而不是配置 Apache。

在第一个 nginx conf 文件中,他完全删除了“location /files/”部分。在 apache conf 文件中,他添加了以下几行:

    ProxyPass /files http://localhost:3020/files
    ProxyPassReverse /files http://localhost:3020/files

它奏效了。

于 2020-01-04T15:13:30.360 回答
0

这很明显是一个网络问题,应该是在 HTTP 标头中公布的数据与通过网络传输的数据之间存在明显的不匹配。

它可能来自以下方面:

  1. 服务器:如果服务器的某些模块存在错误,该错误会更改内容但不更新标头中的内容长度或无法正常工作。Node HTTP 代理在某些时候就是这种情况(请参阅此处

  2. 代理:您和您的服务器之间的任何代理都可能会修改请求而不更新内容长度标头。

这个问题也可能是 nginx docker 容器磁盘空间问题。只需检查,如果已满,请清除文件。

让我知道这是否有帮助。

于 2020-01-02T07:20:02.240 回答
0

重新使用然后适应(从companion.mywebsite.comyourdomain.com)这个工作nginx配置文件:

(别忘了也改变ssl_certificatessl_certificate_keyssl_dhparam

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        server_name  companion.mywebsite.com;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
                proxy_pass http://0.0.0.0:3020;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/companion.mywebsite.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/companion.mywebsite.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}


    server {
    if ($host = companion.mywebsite.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  companion.mywebsite.com;
    return 404; # managed by Certbot


}}

然后再试一次...如果您收到此错误:

Nginx Error: The page you are looking for is temporarily unavailable. Please try again later.

跑:

setsebool -P httpd_can_network_connect 1

要修复权限,然后重新启动apache

于 2020-01-02T11:31:48.467 回答