Fatal编程技术网
  • nginx/
  • 如何将此Apache VHost迁移到nginx

如何将此Apache VHost迁移到nginx

nginx microservices

如何将此Apache VHost迁移到nginx,nginx,hosting,microservices,Nginx,Hosting,Microservices,我比较新,想在nginx上测试一个服务,但我很难将这个Apache配置转换为nginx <VirtualHost *:80> ServerName api.my-site.de DocumentRoot /var/www/api.my-site.de/current/public <Directory "/var/www/api.my-site.de/current/public"> AllowOverride FileInfo AuthCo

我比较新,想在nginx上测试一个服务,但我很难将这个Apache配置转换为nginx

<VirtualHost *:80>

  ServerName api.my-site.de

  DocumentRoot /var/www/api.my-site.de/current/public

  <Directory "/var/www/api.my-site.de/current/public">
      AllowOverride FileInfo AuthConfig Limit Options=All,MultiViews Indexes
      Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
      Order deny,allow
      Require all granted
  </Directory>

</VirtualHost>


<VirtualHost *:443>

  ServerName api.my-site.de

  DocumentRoot /var/www/api.my-site.de/current/public

  <Directory "/var/www/api.my-site.de/current/public">
      AllowOverride FileInfo AuthConfig Limit Options=All,MultiViews Indexes
      Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
      Order deny,allow
  </Directory>

 SSLEngine on

 SSLCertificateFile           /etc/ssl/private/wildcard.my-site.de.crt
 SSLCertificateKeyFile     /etc/ssl/private/wildcard.my-site.de.key
 SSLCertificateChainFile  /etc/ssl/private/chain.crt

</VirtualHost>
首先,我喜欢在服务器块中分离不同的配置(即使现在是一样的,当你2年后回来需要阅读这篇文章时,你会爱上你自己)

ssl证书:

Nginx仅读取1个crt文件,在ssl_证书下,此处您需要将链和crt连接到同一文件中,更多信息:

所以我要做的是:

将证书复制到其他地方,以确保安全,并且不接触任何东西

sudo cp /etc/ssl/private/wildcard.my-site.de.crt /etc/ssl/private/api-mysite-de.pem
并将您的链连接到“证书”中

然后,您可以将ssl\U证书设置到此文件,以便nginx工作

server {

    listen 443 ssl;
    listen [::]:443 ipv6only=on ssl;

    server_name api.my-site.de
    ssl_on;
    ssl_certificate      /etc/ssl/private/api-mysite-de.pem;
    ssl_certificate_key  /etc/ssl/private/wildcard.my-site.de.key;

    access_log /var/log/nginx/ssl-api.my-site.de.access.log; 
    error_log /var/log/nginx/ssl-api.my-site.de.cat.error.log;


    location / {
        root   /var/www/api.my-site.de/current/public;
    }


}
这里是http端口80配置

将.htaccess文件放在/var/www/api.my-site.de/current/public中,它应该可以正常工作

server {
    listen 80;
    listen [::]:80 ipv6only=on;

    server_name api.my-site.de
    access_log /var/log/nginx/api.my-site.de.access.log; 
    error_log /var/log/nginx/api.my-site.de.cat.error.log;

    #logs are love, logs are life

    location / {
        root   /var/www/api.my-site.de/current/public;
    }

}
如果您需要任何进一步的配置,或者它在日志中显示任何错误(我在那里配置了它们),请推荐,我将尝试处理它

希望我能帮上忙。

您可以将.htaccess文件放在/var/www/api.my-site.de/current/public目录中,并在那里处理任何需要的重写或其他操作。(如果这是你正在经历的困难时期)。此外,将链和crt放入一个文件中,以便于ssl管理。如果您有任何问题或希望我编写服务器块,请告诉我。@flaixmani我添加了我的服务器配置版本,这看起来正确吗?我找不到SSLCertificateChainFile的选项。我省略了这个目录部分。在nginx中没有SSLCertificateChainFile,您需要做的是将crt和链放在同一个文件中,并使用ssl\u证书引用该文件。现在您已经有了一个草稿,我将尝试创建一个服务器块来工作(同时提供有关ssl证书的说明)。 
server {

    listen 443 ssl;
    listen [::]:443 ipv6only=on ssl;

    server_name api.my-site.de
    ssl_on;
    ssl_certificate      /etc/ssl/private/api-mysite-de.pem;
    ssl_certificate_key  /etc/ssl/private/wildcard.my-site.de.key;

    access_log /var/log/nginx/ssl-api.my-site.de.access.log; 
    error_log /var/log/nginx/ssl-api.my-site.de.cat.error.log;


    location / {
        root   /var/www/api.my-site.de/current/public;
    }


}

server {
    listen 80;
    listen [::]:80 ipv6only=on;

    server_name api.my-site.de
    access_log /var/log/nginx/api.my-site.de.access.log; 
    error_log /var/log/nginx/api.my-site.de.cat.error.log;

    #logs are love, logs are life

    location / {
        root   /var/www/api.my-site.de/current/public;
    }

}