我正在使用 DigitalOcean droplet 来托管 React 应用程序,这只是我的个人网站。它工作正常。我还使用 certbot 在我的页面上获取 ssl 证书。
现在我正在尝试在子域下运行 gitea 服务器。所以我做了设置,进入初始安装页面(git.domain.com/install),然后完成了。我登录到我正在运行的 gitea 服务器,一切似乎都运行良好。
然后我扩展了我的 ssl 认证以包含子域。据我所知,它似乎工作正常。
但是,现在(5 小时后),当我尝试访问“git.domain.com”时,它会显示我的个人网页,而不是 gitea 页面。但网址保持不变,即“git.domain.com”。(所以,在我将 ssl 证书添加到子域之后,它可能被破坏了,但由于浏览器缓存历史记录而没有意识到问题)
我检查了...
- gitea 仍在 localhost:3000 下运行
- Nginx 运行没有错误
- sites-available 与启用站点的链接
- DigitalOcean 上的 DNS 记录
我认为问题在于......
- nginx 配置文件
- 使用 gitea 配置 ssl 证书(我使用 certbot 扩展现有的 ssl 证书以包含子域)
- gitea app.ini 配置
这让我有点生气,我无法弄清楚,所以我决定发布这个。任何帮助表示赞赏。让我知道,如果我应该提供任何其他相关信息。
以下是文件:
# nginx domain.com file
server {
root /var/www/domain.com/html;
index index.html index.htm index.nginx-debian.html;
server_name domain.com www.domain.com;
location / {
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name domain.com www.domain.com;
return 404; # managed by Certbot
}
# nginx git.domain.com file
server {
server_name git.domain.com;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:3000;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = git.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name git.domain.com;
return 404; # managed by Certbot
}
# gitea app.ini file
APP_NAME = Gitea - Git with a cup of tea
RUN_USER = git
RUN_MODE = prod
[oauth2]
JWT_SECRET = FakePass
[security]
INTERNAL_TOKEN = FakeToken
INSTALL_LOCK = true
SECRET_KEY = FakeSecretKey
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gitea
USER = gitea
PASSWD = FakePassword
SSL_MODE = disable
CHARSET = utf8
PATH = /var/lib/gitea/data/gitea.db
ROOT = /home/git/gitea-repositories
[server]
SSH_DOMAIN = git.domain.com
DOMAIN = git.domain.com
ROOT_URL = http://localhost:3000/
DISABLE_SSH = false
SSH_PORT = 22
LFS_START_SERVER = true
LFS_CONTENT_PATH = /var/lib/gitea/data/lfs
LFS_JWT_SECRET = FakeSecretJWTpassword
OFFLINE_MODE = false
HTTP_ADDR = /run/gitea/gitea.sock
PROTOCOL = unix
UNIX_SOCKET_PERMISSION = 666
[mailer]
ENABLED = false
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
DISABLE_REGISTRATION = true
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
ENABLE_CAPTCHA = false
REQUIRE_SIGNIN_VIEW = false
DEFAULT_KEEP_EMAIL_PRIVATE = false
DEFAULT_ALLOW_CREATE_ORGANIZATION = true
DEFAULT_ENABLE_TIMETRACKING = true
NO_REPLY_ADDRESS = noreply.localhost
[picture]
DISABLE_GRAVATAR = false
ENABLE_FEDERATED_AVATAR = true
[openid]
ENABLE_OPENID_SIGNIN = true
ENABLE_OPENID_SIGNUP = false
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = info
ROOT_PATH = /var/lib/gitea/log