NGINX NGINX Trac 3rd Party Modules Security Advisories CHANGES OpenResty ngx_lua Tengine 在线学习资源 NGINX 开发从入门到精通 NGINX Modules ngx_echo
这是一个创建于 466 天前的主题,其中的信息可能已经有所发展或是发生改变。
域名已经处理 不增加 http 块,可以正常访问,证书正常,增加了 http 块就报证书错误,请教一下。全部都 docker 启动 我的 nginx 配置 如下
worker_processes auto; # 自动设置为 CPU 核心数 worker_rlimit_nofile 100000; # 增加每个 worker 进程可以打开的文件数 events { worker_connections 4096; # 增加每个 worker 进程的最大连接数 multi_accept on; # 允许每个 worker 进程同时接受多个连接 } http { include /etc/nginx/mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; gzip on; server { listen 80; server_name es.x.com.cn; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name es.x.com.cn; # SSL 证书和密钥配置 ssl_certificate /usr/share/nginx/html/ssl-qianduan/es.x.com.cn_bundle.pem; ssl_certificate_key /usr/share/nginx/html/ssl-qianduan/es.x.com.cn.key; # SSL 优化配置 ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256'; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; ssl_stapling on; ssl_stapling_verify on; location / { root /usr/share/nginx/html; # 路径改成自己的 dist 路径 index index.html index.htm; try_files $uri $uri/ /index.html; #解决刷新页面变成 404 问题的代码 } location /prod-api/ { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://172.16.238.13:8089/; } } server { listen 80; server_name esb.x.com.cn; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name esb.x.com.cn; # SSL 证书和密钥配置 ssl_certificate /usr/share/nginx/html/ssl-houduan/esb.x.com.cn_bundle.pem; ssl_certificate_key /usr/share/nginx/html/ssl-houduan/esb.x.com.cn.key; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://172.16.238.13:8089/; } } # 阻止通过 IP 地址或未知的域名访问 server { listen 80 default_server; listen 443 default_server ssl; # SSL 证书和密钥配置 ssl_certificate /usr/share/nginx/html/ssl-houduan/esb.x.com.cn_bundle.pem; ssl_certificate_key /usr/share/nginx/html/ssl-houduan/esb.x.com.cn.key; server_name es.x.com.cn; return 444; # 返回一个非标准的状态码,通常用于阻止客户端的访问 } }  | 1 Dragonish3600 2024-08-19 17:04:18 +08:00 via iPhone 你好歹把具体的错误信息发出来啊…… |
 | 3 xinzi OP 把 ``` worker_processes auto; # 自动设置为 CPU 核心数 worker_rlimit_nofile 100000; # 增加每个 worker 进程可以打开的文件数 events { worker_connections 4096; # 增加每个 worker 进程的最大连接数 multi_accept on; # 允许每个 worker 进程同时接受多个连接 } http { include /etc/nginx/mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; gzip on; ``` 去就可以正常访问,加上就报错 没有证书 |
 | 5 Alucns 2024-08-19 17:10:43 +08:00 nginx -t 把错误报告发上来吧。 |
| 6 xinzi OP @Aluhao #5 /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf is not a file or does not exist /docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh /docker-entrypoint.sh: Configuration complete; ready for start up 2024/08/19 17:26:52 [emerg] 1#1: "worker_processes" directive is not allowed here in /etc/nginx/conf.d/nginx.conf:1 nginx: [emerg] "worker_processes" directive is not allowed here in /etc/nginx/conf.d/nginx.conf:1 证书没问题 |
 | 7 YaD2x 2024-08-19 17:38:22 +08:00 /etc/nginx/conf.d/default.conf is not a file or does not exist |
 | 8 f1ush 2024-08-19 17:55:06 +08:00 @xinzi nginx.conf 文件写重复了吧,默认 nginx.conf 路径是 /etc/nginx/nginx.conf ,看你的报错是 /etc/nginx/conf.d/nginx.conf 路径下面又有一个了 |
 | 9 darkengine 2024-08-19 18:14:29 +08:00 [emerg] 1#1: "worker_processes" directive is not allowed here in /etc/nginx/conf.d/nginx.conf:1 不是提了第一行有问题? default.conf 那个只是 info ,不用管。 |
| 10 darkengine 2024-08-19 18:18:39 +08:00 |
| 11 xinzi OP @ladypxy @Aluhao @darkengine @YaD2x @f1ush 感谢各位 找到问题了 nginx 有 2 哥配置文件 一个是 /etc/nginx/nginx.conf 一个是 /etc/nginx/conf.d/nginx.conf 因此 worker_processes auto; # 自动设置为 CPU 核心数 worker_rlimit_nofile 100000; # 增加每个 worker 进程可以打开的文件数 参数需要配置在 /etc/nginx/nginx.conf 而不是 /etc/nginx/conf.d/nginx.conf 这 2 个参数是全局参数 |
Select Language