Nuxt.js + Laravel 在同一台服务器 nginx 上

【问题标题】:Nuxt.js + Laravel on same server nginxNuxt.js + Laravel 在同一台服务器 nginx 上
【发布时间】:2019-09-28 07:23:14
【问题描述】:

我想在我的 DigitalOcean 服务器(Ubuntu 18.04)上部署 nuxt + laravel 项目。我已经在上面配置了域名和 SSL 证书。我正在寻找正确的 nginx 配置,以便在同一台服务器上为客户端和 API 提供服务。

我为客户端配置了代理,可惜API不可用


# Redirect http to https
server {
    listen 80;
    listen [::]:80 ipv6only=on default_server;
    server_name MY_DOMAIN_NAME;
    return 302 https://$server_name$request_uri;
}

# SSL configs
server {
    listen 443 ssl http2;
    ssl_certificate /etc/nginx/fullchain.pem;
    ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

     # Use our own DH params
    ssl_dhparam /etc/nginx/dhparam.pem;

    ssl_session_cache   shared:SSL:40m;
    ssl_session_timeout 4h;

    ssl_session_tickets on;

    server_name MY_DOMAIN_NAME;
    root /var/www/MY_LARAVEL_APP_FOLDER/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ \.css {
    add_header  Content-Type    text/css;
    }
    location ~ \.js {
        add_header  Content-Type    application/x-javascript;
    }

    #client 
    location / {
        expires $expires;

        proxy_set_header Host               $host;
        proxy_set_header X-Real-IP          $remote_addr;
        proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto  $scheme;
        proxy_redirect              off;
        proxy_read_timeout          1m;
        proxy_connect_timeout       1m;
        proxy_pass                          http://127.0.0.1:3000; # set the adress of the Node.js
    }


    location ~ /\.(?!well-known).* {
        deny all;
    }
}

我试过这段代码,nginx 说重复的位置/(逻辑)。请帮助我:) 使用代理或不使用代理为 API 和客户端设置服务器的正确方法是什么?

【问题讨论】:

    标签: laravel nginx nginx-config nuxt.js


    【解决方案1】:

    您的nginx.conf 存在问题,您不能声明具有相同位置的两个块,在您的情况下为/

    一个更好的方法是使用两个使用虚拟主机的服务器块

    1. example.com(主域)
    2. api.example.com(API 子域)

    example.conf

    # Redirect http to https
server {
    listen 80;
    listen [::]:80 ipv6only=on default_server;
    server_name example.com;
    return 302 https://$server_name$request_uri;
}

# SSL configs
server {
    listen 443 ssl http2;
    ssl_certificate /etc/nginx/fullchain.pem;
    ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

     # Use our own DH params
    ssl_dhparam /etc/nginx/dhparam.pem;

    ssl_session_cache   shared:SSL:40m;
    ssl_session_timeout 4h;

    ssl_session_tickets on;

    server_name example.com;
    root /var/www/MY_LARAVEL_APP_FOLDER/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ \.css {
    add_header  Content-Type    text/css;
    }
    location ~ \.js {
        add_header  Content-Type    application/x-javascript;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }
}

    对于 API api.example.conf

    # Redirect http to https
server {
    listen 80;
    listen [::]:80 ipv6only=on default_server;
    server_name api.example.com;
    return 302 https://$server_name$request_uri;
}

# SSL configs
server {
    listen 443 ssl http2;
    ssl_certificate /etc/nginx/fullchain.pem;
    ssl_certificate_key /etc/nginx/MY_DOMAIN_NAME.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

     # Use our own DH params
    ssl_dhparam /etc/nginx/dhparam.pem;

    ssl_session_cache   shared:SSL:40m;
    ssl_session_timeout 4h;

    ssl_session_tickets on;

    server_name api.example.com;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    charset utf-8;

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;


    location ~ \.css {
    add_header  Content-Type    text/css;
    }
    location ~ \.js {
        add_header  Content-Type    application/x-javascript;
    }

    #client 
    location / {
        expires $expires;

        proxy_set_header Host               $host;
        proxy_set_header X-Real-IP          $remote_addr;
        proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto  $scheme;
        proxy_redirect              off;
        proxy_read_timeout          1m;
        proxy_connect_timeout       1m;
        proxy_pass                          http://127.0.0.1:3000; # set the adress of the Node.js
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }
}

    【讨论】:

    • 谢谢。不幸的是,我的域名服务计划不允许创建子域。在同一域和同一服务器上运行 api 和客户端的任何其他解决方案?
    • 经过几次尝试,我根据您的回答找到了解决此问题的方法。现在我将www.example.com 用于api,example.com 用于客户端。不是最好的方法,但它的工作原理:D 再次感谢!
    • @Object 我认为您错误地交换了 api 和主域配置。你能确认一下吗?
    【解决方案2】:

    对于仍在寻找不使用子域来使用 Nuxt 和 Laravel 的方法的人,您可以查看 here

    我已经粘贴了下面文章中显示的配置(以防链接失效):

    map_hash_max_size 262144;
map_hash_bucket_size 262144;

map $sent_http_content_type $expires {
    "text/html"                 epoch;
    "text/html; charset=utf-8"  epoch;
    default                     off;
}

server {
    listen 80;
    listen 443 ssl;
    server_name dev.domain.tld;
    root "/path/to/laravel/public";

    index index.php;

    # Access Restrictions
    allow       127.0.0.1;
    deny        all;

    location /api {
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location / {
        try_files $uri $uri/ @proxy;
        autoindex on;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass php_upstream;      
        #fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

    # Enable SSL
    ssl_certificate "C:/etc/ssl/mycert.crt";
    ssl_certificate_key "C:/etc/ssl/mycert.key";
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
    ssl_prefer_server_ciphers on;


    charset utf-8;

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }
    location ~ /\.ht {
        deny all;
    }

    location @proxy {
        expires $expires;
        add_header Content-Security-Policy "default-src 'self' 'unsafe-inline';";
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-Cache-Status $upstream_cache_status;

        proxy_redirect                      off;
        proxy_set_header Host               $host;
        proxy_set_header X-Real-IP          $remote_addr;
        proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto  $scheme;
        proxy_ignore_headers        Cache-Control;
        proxy_http_version          1.1;
        proxy_read_timeout          1m;
        proxy_connect_timeout       1m;
        proxy_pass                  http://127.0.0.1:3000; # set the adress of the Node.js instance here
        #proxy_cache                 nuxt-cache;
        proxy_cache_bypass          $arg_nocache; # probably better to change this
        proxy_cache_valid           200 302  60m; # set this to your needs
        proxy_cache_valid           404      1m;  # set this to your needs
        proxy_cache_lock            on;
        proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
        proxy_cache_key             $uri$is_args$args;
        #proxy_cache_purge           PURGE from 127.0.0.1;
    }   

}

    【讨论】:

      猜你喜欢
      • 2021-03-29
      • 2019-11-03
      • 2018-03-19
      • 1970-01-01
      • 2018-09-06
      • 2014-01-02
      • 2015-03-08
      • 2016-12-17
      • 2019-10-29
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode