Amazon web services 在AWS elasticbeanstalk中配置nginx配置文件时未找到.ebextensions
我正在尝试使用自签名SSL为部署在AWS elastic beanstalk上的springboot Web服务器后端启用https。我按照在线教程和指南使用新的https-instance.config更改了我的nginx配置Amazon web services 在AWS elasticbeanstalk中配置nginx配置文件时未找到.ebextensions,amazon-web-services,spring-boot,ssl,nginx,amazon-elastic-beanstalk,Amazon Web Services,Spring Boot,Ssl,Nginx,Amazon Elastic Beanstalk,我正在尝试使用自签名SSL为部署在AWS elastic beanstalk上的springboot Web服务器后端启用https。我按照在线教程和指南使用新的https-instance.config更改了我的nginx配置 files: /etc/nginx/conf.d/myconf.conf: mode: "conf" owner: root group: root content: | # HTTPS server
files:
/etc/nginx/conf.d/myconf.conf:
mode: "conf"
owner: root
group: root
content: |
# HTTPS server
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /etc/pki/tls/certs/server.crt;
ssl_certificate_key /etc/pki/tls/certs/server.key;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
/etc/pki/tls/certs/server.crt:
mode: "000400"
owner: root
group: root
content: |
-----BEGIN CERTIFICATE-----
mycert
-----END CERTIFICATE-----
/etc/pki/tls/certs/server.key:
mode: "000400"
owner: root
group: root
content: |
-----BEGIN RSA PRIVATE KEY-----
mykey
-----END RSA PRIVATE KEY-----
/opt/elasticbeanstalk/hooks/appdeploy/post/03_restart_nginx.sh:
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
sudo service nginx restart
当我ssh到我的实例时,我无法在conf.d下找到myconf.conf文件。运行服务nginx status
会给我
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/nginx.service.d
└─nginx.conf
Active: active (running) since Wed 2020-08-26 03:06:34 UTC; 15min ago
Process: 28894 ExecStartPost=/bin/sh -c systemctl show -p MainPID nginx.service | cut -d= -f2 > /var/pids/nginx.pid (code=exited, status=0/SUCCESS)
Process: 28890 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 28887 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 28886 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 28893 (nginx)
CGroup: /system.slice/nginx.service
├─28893 nginx: master process /usr/sbin/nginx
└─28897 nginx: worker process
Aug 26 03:06:34 systemd[1]: Starting The nginx HTTP and reverse proxy server...
Aug 26 03:06:34 nginx[28887]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Aug 26 03:06:34 nginx[28887]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Aug 26 03:06:34 systemd[1]: Started The nginx HTTP and reverse proxy server.
我错过了什么。这是我在AWS EBS上的第一个项目
注意:我正在运行EBS的免费层单实例您尝试使用的
nginx
设置(/etc/nginx/conf.d/myconf.conf
)用于Amazon Linux 1
但您似乎正在使用亚马逊Linux 2(AL2)。因此,您应该使用不同的文件来设置nginx。对于AL2,nginx设置应该在.platform/nginx/conf.d/
中,而不是在.ebextensions
中,如中所示
因此,您可以拥有以下内容的.platform/nginx/conf.d/myconfig.conf
:
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /etc/pki/tls/certs/server.crt;
ssl_certificate_key /etc/pki/tls/certs/server.key;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
以上仅是配置文件的一个示例。我无法验证该设置是否实际有效,但您肯定使用了错误的文件夹来设置AL2中的nginx选项
我的建议是首先尝试通过ssh手动工作。您可能会发现,通过提供自己的.platform/nginx/nginx.conf
文件,如果没有任何效果,您需要覆盖整个nginx设置。Amazon Linux 2:
您必须在文件夹中创建文件,该文件夹的层次结构与您实际希望将其放置在Elasticbeanstalk上的文件夹的层次结构相同。例如,在EBS中,我需要在/etc/nginx/conf.d/elasticbeanstalk/
为此,我的文件夹结构将是:
在文件中,我可以添加所需的配置:
location / {
try_files $uri $uri/ /index.php?$args;
}
谢谢Marcin,我没有想到它可能是错误的linux版本!非常感谢你!我花了很长时间浏览AWS文档/教程(但我猜这是针对错误版本的)。我不明白为什么我的配置在ssh登录时没有显示。这是不是在
之前执行
。platform/hooks?我有一个这样的设置,但它总是错误的文件.crt
不存在。使用在.platform/hooks/prebuild上执行的certbot
生成的文件