如何将此Apache VHost迁移到Nginx
[英]How to migrate this Apache VHost to nginx
问题描述
Im relatively new and wanted to test a service on nginx, but I am struggling to convert this Apache config to nginx. 
我是一个相对较新的人,想在nginx上测试服务,但是我正在努力将此Apache配置转换为nginx。
<VirtualHost *:80>
ServerName api.my-site.de
DocumentRoot /var/www/api.my-site.de/current/public
<Directory "/var/www/api.my-site.de/current/public">
AllowOverride FileInfo AuthConfig Limit Options=All,MultiViews Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Order deny,allow
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName api.my-site.de
DocumentRoot /var/www/api.my-site.de/current/public
<Directory "/var/www/api.my-site.de/current/public">
AllowOverride FileInfo AuthConfig Limit Options=All,MultiViews Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Order deny,allow
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/private/wildcard.my-site.de.crt
SSLCertificateKeyFile /etc/ssl/private/wildcard.my-site.de.key
SSLCertificateChainFile /etc/ssl/private/chain.crt
</VirtualHost>
Can someone help here please? 有人可以帮忙吗? As nginx has nothin like the .htaccess I'm no sure what to do with all the tags. 由于nginx没有.htaccess之类的东西,所以我不确定该如何处理所有标签。
Current draft: 目前的草稿:
server {
listen 80;
listen [::]:80 ipv6only=on;
listen 443 ssl;
listen [::]:443 ipv6only=on ssl;
server_name api.my-site.de
location / {
root /var/www/api.my-site.de/current/public;
}
ssl_certificate /etc/ssl/private/wildcard.my-site.de.crt;
ssl_certificate_key /etc/ssl/private/wildcard.my-site.de.key;
}
1 个解决方案
解决方案1
1 已采纳 2019-02-05 14:55:35
First of all I like to separate in server blocks different configurations (even when now are the same, you'll love yourself when you come back 2 years later and need to read this). 首先,我想在服务器块中分离不同的配置(即使现在相同,两年后回来时,您也会爱上自己,需要阅读本文)。
The ssl certificate: ssl证书:
Nginx reads only 1 crt file, under ssl_certificate, here you need to concatenate your chain and your crt in the same file, more info: Nginx在ssl_certificate下仅读取1个crt文件,在这里您需要将链和crt连接在同一文件中,更多信息:
https://futurestud.io/tutorials/how-to-configure-nginx-ssl-certifcate-chain https://futurestud.io/tutorials/how-to-configure-nginx-ssl-certifcate-chain
So what I would do is: 所以我要做的是:
Copy the certificate somewhere else, for security and not touching anything. 为了安全起见,请勿将证书复制到其他位置。
sudo cp /etc/ssl/private/wildcard.my-site.de.crt /etc/ssl/private/api-mysite-de.pem
And concatenate your chain into the "certificate". 并将您的链条连接到“证书”中。
sudo cat /etc/ssl/private/chain.crt > /etc/ssl/private/api-mysite-de.pem
Then you can set your ssl_certificate to this file for nginx to work. 然后,您可以将ssl_certificate设置为此文件,以使nginx正常工作。
server {
listen 443 ssl;
listen [::]:443 ipv6only=on ssl;
server_name api.my-site.de
ssl_on;
ssl_certificate /etc/ssl/private/api-mysite-de.pem;
ssl_certificate_key /etc/ssl/private/wildcard.my-site.de.key;
access_log /var/log/nginx/ssl-api.my-site.de.access.log;
error_log /var/log/nginx/ssl-api.my-site.de.cat.error.log;
location / {
root /var/www/api.my-site.de/current/public;
}
}
And here it is the http port 80 configuration. 这是http端口80配置。
Leave your .htaccess file into /var/www/api.my-site.de/current/public and it should work correctly. 将您的.htaccess文件保留在/var/www/api.my-site.de/current/public中,它应该可以正常工作。
server {
listen 80;
listen [::]:80 ipv6only=on;
server_name api.my-site.de
access_log /var/log/nginx/api.my-site.de.access.log;
error_log /var/log/nginx/api.my-site.de.cat.error.log;
#logs are love, logs are life
location / {
root /var/www/api.my-site.de/current/public;
}
}
If you need any further configurations or it shows any error in the logs (I configured them there) commend and I'll try to handle it. 如果您需要任何进一步的配置,或者在日志中显示了任何错误(我在此处配置了它们),我们将尝试处理它。
Hope I helped. 希望我能帮上忙。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.