使用 .ebextensions 未找到在 AWS elasticbeanstalk 中配置 nginx 配置文件
ong*_*ong 3 ssl nginx amazon-web-services spring-boot amazon-elastic-beanstalk
我正在尝试使用自签名 SSL 为部署在 AWS elastic beanstalk 上的 springboot webserver 后端启用 https。我按照在线教程和指南使用新的 https-instance.config 更改我的 nginx 配置。
files:
/etc/nginx/conf.d/myconf.conf:
mode: "conf"
owner: root
group: root
content: |
# HTTPS server
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /etc/pki/tls/certs/server.crt;
ssl_certificate_key /etc/pki/tls/certs/server.key;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
/etc/pki/tls/certs/server.crt:
mode: "000400"
owner: root
group: root
content: |
-----BEGIN CERTIFICATE-----
mycert
-----END CERTIFICATE-----
/etc/pki/tls/certs/server.key:
mode: "000400"
owner: root
group: root
content: |
-----BEGIN RSA PRIVATE KEY-----
mykey
-----END RSA PRIVATE KEY-----
/opt/elasticbeanstalk/hooks/appdeploy/post/03_restart_nginx.sh:
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
sudo service nginx restart
当我通过 ssh 连接到我的实例时,我无法在 conf.d 下找到我的 myconf.conf 文件。跑步service nginx status给了我
? nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/nginx.service.d
??nginx.conf
Active: active (running) since Wed 2020-08-26 03:06:34 UTC; 15min ago
Process: 28894 ExecStartPost=/bin/sh -c systemctl show -p MainPID nginx.service | cut -d= -f2 > /var/pids/nginx.pid (code=exited, status=0/SUCCESS)
Process: 28890 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 28887 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 28886 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 28893 (nginx)
CGroup: /system.slice/nginx.service
??28893 nginx: master process /usr/sbin/nginx
??28897 nginx: worker process
Aug 26 03:06:34 systemd[1]: Starting The nginx HTTP and reverse proxy server...
Aug 26 03:06:34 nginx[28887]: nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
Aug 26 03:06:34 nginx[28887]: nginx: configuration file /etc/nginx/nginx.conf test is successful
Aug 26 03:06:34 systemd[1]: Started The nginx HTTP and reverse proxy server.
我错过了什么。这是我在 AWS EBS 上的第一个项目。
注意:我正在为 EBS 运行免费层单实例
Amazon Linux 2:您必须在您实际想要将其放置在 Elasticbeanstalk 上的同一层次结构的文件夹中创建文件。例如,对于我来说,在 EBS 中,我需要在下面创建自定义 conf 文件,/etc/nginx/conf.d/elasticbeanstalk/
我的文件夹结构将是:
在文件中我可以添加我所需的配置:
location / {
try_files $uri $uri/ /index.php?$args;
}
The nginx setting you are trying to use (/etc/nginx/conf.d/myconf.conf) is for Amazon Linux 1.
But it seems that you are using Amazon Linux 2 (AL2). Thus you should be using different files for setting nginx. For AL2, the nginx settings should be in .platform/nginx/conf.d/, not in .ebextentions as shown in the docs.
Therefore, you could have the following .platform/nginx/conf.d/myconfig.conf with content:
server {
listen 443;
server_name localhost;
ssl on;
ssl_certificate /etc/pki/tls/certs/server.crt;
ssl_certificate_key /etc/pki/tls/certs/server.key;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:5000;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
The above is an example only of the config file. I can't verify if the setting will actually work, but you are definitely using wrong folders to set nginx options in AL2.
My recommendation would be to try to make it work manually through ssh first. You may find that you need to overwrite entire nginx setting if nothing works by providing your own .platform/nginx/nginx.conf file.
- 谢谢 Marcin,我没有想到这可能是错误的 Linux 版本! (2认同)
| 归档时间: |
|
| 查看次数: |
2080 次 |
| 最近记录: |