宝塔系统 nginx位置记录
nginx位置
linux安装宝塔后,nginx目录位置在:/www/server/nginx/中
代理配置文件在:/www/server/panel/vhost/nginx
申请SSL证书
1. 添加nginx配置文件
Markup 全选
server {
listen 80;
server_name ***.***.com;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}2. 重载nginx使配置文件生效
Markup 全选
nginx -s reload3. 测试申请证书
Markup 全选
certbot certonly --webroot --webroot-path /var/www/certbot/ --dry-run -d ***.***.com测试没问题后,正式申请证书
Markup 全选
certbot certonly --webroot --webroot-path /var/www/certbot/ -d ***.***.com4. 更改nginx配置
Markup 全选
server {
listen 80;
server_name ***.***.com;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
return 301 https://$host$request_uri; # http自动跳转https
}
server {
listen 443;
server_name ***.***.com;
ssl_certificate /etc/letsencrypt/live/***.***.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/***.***.com/privkey.pem;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
proxy_pass http://127.0.0.1:8080;
# 添加头部信息
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
}
}5. 最后,别忘了重载nginx
Markup 全选
nginx -s reload
版权声明:本文为YES开发框架网发布内容,转载请附上原文出处连接
post 张国生
