问题描述
我最近将Ruby on Rails应用程序部署到了带有Nginx,passenger& amp;的普通Ubuntu 16.04 DigitalOcean小滴.让我们加密.
I have recently deployed my Ruby on Rails application to a plain Ubuntu 16.04 DigitalOcean droplet with Nginx, passenger & Let's encrypt.
rails应用程序仅适用于乘客和Nginx,但在安装Let's Encrypt之后,它指向欢迎使用Nginx"页面,而不是我的rails应用程序.
The rails app worked fine with just passenger and Nginx but after I installed Let's Encrypt, it points to the "Welcome to Nginx" page instead of my rails app.
我可以进行更改以查看欢迎使用Nginx!"页并在浏览器中查看结果.
I am able to make changes to see the "Welcome to Nginx!" page and see the results in the browser.
当我将启用站点的配置中的根目录更改为应用程序路径而不是/html时,出现403禁止错误.
When I change the root location in my sites-enabled configs to my application path instead of /html I get a 403 Forbidden error.
这是我的应用程序所在的位置:/var/www/myapp/code/
This is where my application is: /var/www/myapp/code/
我不知道会有什么...当我尝试将根目录更改为应用程序的/public目录时,我不断收到"403 Forbidden nginx/1.14.0".我什至将/html
文件夹移到了myapp
目录中,并加载了欢迎使用Nginx!".页面也在那里.我需要做一些事情来处理我应用程序视图中的index.html.erb
文件,还是我需要创建一个没有任何ERB
的自定义index.html
?
I don't know what gives... I keep getting "403 Forbidden nginx/1.14.0" when I try to change the root to my app's /public directory. I've even moved the /html
folder into myapp
directory and it loads the "Welcome to Nginx!" page there too. Is there something I need to do for it to process my index.html.erb
files in my app's views, or, do I need to make a custom index.html
without any ERB
?
(工作)的权限均设置为root rails
欢迎来到Nginx!"索引路径和myapp/code/public路径.
The permissions are set to root rails
for both the (working) "Welcome to Nginx!" index path and myapp/code/public path.
我希望获得帮助,谢谢!
I would love some help, thank you!
我的/etc/nginx/sites-enabled/default
(无评论):
server {
root /var/www/myapp/code/public;
index index.html.erb index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/transverseaudio.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/transverseaudio.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.transverseaudio.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = transverseaudio.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 404; # managed by Certbot
}
我的/etc/nginx/sites-enabled/myapp.conf
:
server {
listen 80;
server_name transverseaudio.com www.transverseaudio.com;
# Tell Nginx and Passenger where your app's 'public' directory is
root /var/www/myapp/code/public;
# Turn on Passenger
passenger_enabled on;
passenger_ruby /usr/local/rvm/gems/ruby-2.5.1/wrappers/ruby;
}
我进一步研究了Ruby + Rails配置并验证了安装的正确版本:
I looked further into my Ruby + Rails config and verified the right versions where installed:
轨道-v = Rails 5.2.0
Ruby -v = ruby 2.5.1p57 (2018-03-29 revision 63029) [x86_64-linux]
Ruby -v = ruby 2.5.1p57 (2018-03-29 revision 63029) [x86_64-linux]
推荐答案
您描述了旅途中的多个不同问题.让我们解决它们,以便它们(应该)出现.
you describe multiple different problems in your journey. let's tackle them in order they (should) have appeared.
默认页面
您已正确标识服务器在默认主页/var/www/html
中为您的根服务.如果您不想让nginx对该目录进行读取访问,则可以尝试将/var/www/html符号链接到应用程序的公共目录.实际的问题是,您正在基于名称的托管,并且域名是在默认站点而不是myapp.conf上配置的.如果将默认列出的server_name移到myapp.conf
中的server_name指令,就足够了.
You have correctly identified that the server is serving your root at /var/www/html
which is the default homepage. You could try symlinking /var/www/html to you app's public dir, if you don't want to give nginx read access to that directory.The actual issue is, that you are doing a name based hosting and your domain name is configured on the default site and not your myapp.conf. If you move the server_name listed in default to the server_name directive in myapp.conf
it would be enough.
Passanger也应该接听请求:
Also Passanger is should pick up the requests:
禁止使用403
成功更改虚拟主机的根之后,nginx可能无法在其中读取数据.这可能是由于文件权限错误所致,即运行nginx的用户无法读取目录/文件.
After successfully changing the root of the virtual host, nginx might not be able to read the data there. This could be due to bad file permissions, i.e. the user running nginx cannot read the directory/file.
如果您没有索引文档并且目录索引被禁用,也会发生这种情况.您可以创建索引文档或添加一些重写规则.
Also this happens if you don't have an index document and directory indexing is disabled. You can either create a index document or add some rewrite rule.
500
如果您tail
nginx的日志文件,它应该为您提供有关错误消息的更多详细信息. 500是服务器端错误,因此nginx至少应该给您一个提示.我认为这是因为您的服务器部分/文件中缺少该文件.
if you tail
the logfiles of nginx, it should give you more details for the error message. 500 is a server side error, so nginx should at least give you a hint. I assume it's because of missing in your server section/file.
# Turn on Passenger
passenger_enabled on;
passenger_ruby /usr/local/rvm/gems/ruby-2.3.0/wrappers/ruby;
包装
还要确保您的nginx.conf中有include /etc/nginx/passenger.conf;
.
ensure also that you have include /etc/nginx/passenger.conf;
in your nginx.conf.
因此将其全部包装起来,我建议删除默认值以使其不受干扰.
so wrapping it all up, I recommend removing the default to get it out of the way.
# redirect non https traffic for the correct domains
server {
if ($host = www.transverseaudio.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = transverseaudio.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 404; # managed by Certbot
}
server {
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/transverseaudio.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/transverseaudio.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# server for these domains
server_name transverseaudio.com www.transverseaudio.com;
# first try to serve the erb version.
index index.html;
# Tell Nginx and Passenger where your app's 'public' directory is
root /var/www/myapp/code/public;
# Turn on Passenger
passenger_enabled on;
passenger_ruby /usr/local/rvm/gems/ruby-2.5.1/wrappers/ruby;
}
这篇关于让我们加密“欢迎使用Nginx"的Nginx代替Rails应用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!