lnmp ,宝塔, caddy2 反代教程记录

1: 为什么用 lnmp

caddy2 太难用了, 被大家放弃.
caddy1 反代细节资料有点少了.
宝塔现在要实名了, 不玩.
还是 lnmp 吧.

2: 安装lnmp

LNMP一键安装包 – CentOS/RadHat/Debian/Ubuntu下自动编译安装Nginx,PHP,MySQL,PHPMyAdmin

3: lnmp常用路径


Clean Web Server src directory...
+------------------------------------------------------------------------+
|          LNMP V1.8 for Debian Linux Server, Written by Licess          |
+------------------------------------------------------------------------+
|           For more information please visit https://lnmp.org           |
+------------------------------------------------------------------------+
|    lnmp status manage: lnmp {start|stop|reload|restart|kill|status}    |
+------------------------------------------------------------------------+
|  phpMyAdmin: http://IP/phpmyadmin/                                     |
|  phpinfo: http://IP/phpinfo.php                                        |
|  Prober:  http://IP/p.php                                              |
+------------------------------------------------------------------------+
|  Add VirtualHost: lnmp vhost add                                       |
+------------------------------------------------------------------------+
|  Default directory: /home/wwwroot/default                              |
+------------------------------------------------------------------------+
|  MySQL/MariaDB root password: a090217                          |
+------------------------------------------------------------------------+
+-------------------------------------------+
|    Manager for LNMP, Written by Licess    |
+-------------------------------------------+
|              https://lnmp.org             |
+-------------------------------------------+
nginx (pid 217823) is running...
php-fpm is runing!
● mysql.service - MySQL Community Server
     Loaded: loaded (/etc/systemd/system/mysql.service; enabled; vendor preset: enabled)
     Active: active (running) since Sun 2022-02-13 10:51:47 CST; 2s ago
   Main PID: 217903 (mysqld_safe)
      Tasks: 17 (limit: 1127)
     Memory: 52.2M
        CPU: 826ms
     CGroup: /system.slice/mysql.service
             ├─217903 /bin/sh /usr/local/mysql/bin/mysqld_safe --datadir=/usr/local/mysql/var --pid-file=/usr/local/mysql/var/debian.pid
             └─218410 /usr/local/mysql/bin/mysqld --basedir=/usr/local/mysql --datadir=/usr/local/mysql/var --plugin-dir=/usr/local/mysql/lib/plugin --user=mysql --log-error=debian.err --open-files-limit=65535 --pid-file=/usr/local/mysql/var/debian.pid --socket=/tmp/mysql.sock --port=3306

Feb 13 10:51:43 debian systemd[1]: Starting MySQL Community Server...
Feb 13 10:51:47 debian mysql[217890]: Starting MySQL....
Feb 13 10:51:47 debian systemd[1]: Started MySQL Community Server.
State  Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
LISTEN 0      511          0.0.0.0:80        0.0.0.0:*
LISTEN 0      511          0.0.0.0:80        0.0.0.0:*
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
LISTEN 0      10         127.0.0.1:25        0.0.0.0:*
LISTEN 0      50           0.0.0.0:3306      0.0.0.0:*
LISTEN 0      10         127.0.0.1:587       0.0.0.0:*
LISTEN 0      128             [::]:22           [::]:*
Install lnmp takes 64 minutes.
Install lnmp V1.8 completed! enjoy it.
root@debian:~/lnmp1.8#


其他常用路径,命令:

# 网站路径
/home/wwwroot/default 

# 配置路径
/usr/local/nginx/conf/vhost/baidu.ltd.conf

# 配置后重新 nginx
service nginx reload




4: nginx 的反代配置参考

** 完整版 **


   {
        listen 80;
        #listen [::]:80;
        server_name globalpublichealthlinkages.ltd www.globalpublichealthlinkages.ltd;
        proxy_ssl_server_name on;

        location / {
            sub_filter                'www.globalpublichealthlinkages.org' globalpublichealthlinkages.ltd;
            sub_filter_once           off;
            sub_filter_types          text/*;
            proxy_set_header Host     www.globalpublichealthlinkages.org;
            proxy_set_header          Accept-Encoding '';
            proxy_pass                https://www.globalpublichealthlinkages.org;
        }



        access_log off;
    }

server
    {
        listen 443 ssl http2;
        #listen [::]:443 ssl http2;
        server_name globalpublichealthlinkages.ltd www.globalpublichealthlinkages.ltd;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/globalpublichealthlinkages.ltd;
        proxy_ssl_server_name on;

        ssl_certificate /usr/local/nginx/conf/ssl/globalpublichealthlinkages.ltd/fullchain.cer;
        ssl_certificate_key /usr/local/nginx/conf/ssl/globalpublichealthlinkages.ltd/globalpublichealthlinkages.ltd.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
        ssl_session_cache builtin:1000 shared:SSL:10m;
        # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
        ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
        location / {
            sub_filter                'www.globalpublichealthlinkages.org' globalpublichealthlinkages.ltd;
            sub_filter_once           off;
            sub_filter_types          text/*;
            proxy_set_header Host     www.globalpublichealthlinkages.org;
            proxy_set_header          Accept-Encoding '';
            proxy_pass                https://www.globalpublichealthlinkages.org;
        }

        access_log off;
    }



核心配置


        # 这句不加的话,无法成功代理.# 502 Bad Gateway
        proxy_ssl_server_name on;
        
        # nginx 对应的反代配置核心
        location / {
            sub_filter                'www.globalpublichealthlinkages.org' globalpublichealthlinkages.ltd;
            sub_filter_once           off;
            sub_filter_types          text/*;
            proxy_set_header Host     www.globalpublichealthlinkages.org;
            proxy_set_header          Accept-Encoding '';
            proxy_pass                https://www.globalpublichealthlinkages.org;
}


5: 宝塔环境 nginx 核心配置


    # 这句不加的话,无法成功代理.# 502 Bad Gateway
    proxy_ssl_server_name on;
    
    # nginx 对应的反代配置核心
    location / {
        sub_filter                'www.globalpublichealthlinkages.org' www.globalpublichealthlinkages.ltd;
        sub_filter_once           off;
        sub_filter_types          text/*;
        proxy_set_header Host     www.globalpublichealthlinkages.org;
        proxy_set_header          Accept-Encoding '';
        proxy_pass                https://www.globalpublichealthlinkages.org;
    }

6: caddy2 核心配置

Caddyfile 为caddy 配置,替换 wix.itsong.com
caddy需要替换插件所以从网上下载

插件路径


{
    order filter after encode
}

http://wix.itsong.com {
    # rewrite * /website{path}
    reverse_proxy * https://www.globalpublichealthlinkages.org {
        header_up Host www.globalpublichealthlinkages.org
        header_up X-Real-IP {http.request.remote.host}
        header_up X-Forwarded-For {http.request.remote.host}
        header_up X-Forwarded-Port {http.request.port}
        header_up -Accept-Encoding
        header_down Set-Cookie www.globalpublichealthlinkages.org wix.itsong.com
    }
    filter {
        path .*
        content_type text/.*
        search_pattern www.globalpublichealthlinkages.org
        replacement wix.itsong.com
    }
}


© 版权声明
THE END
在时间中留下我的脚印
分享
评论 抢沙发
头像
欢迎您留下宝贵的见解!
提交
头像

昵称

取消
昵称表情图片