Centos 7 部署Seafile+Nginx
我们之前简单部署了Seafile服务器,如今在Seafile的基础上使用Openssl+Nginx反向代理8000端口部署。
82 cd /usr/src
84 wget https://www.openssl.org/source/openssl-1.1.0c.tar.gz
85 wget http://nginx.org/download/nginx-1.10.2.tar.gz
86 tar xzf Nginx-1.10.2.tar.gz && mv Nginx-1.10.2.tar.gz ~
87 tar xzf openssl-1.1.0c.tar.gz && mv openssl-1.1.0c.tar.gz ~
89 cd Nginx-1.10.2
90 ./configure --prefix=/etc/Nginx --sbin-path=/usr/sbin/Nginx --conf-path=/etc/Nginx/Nginx.conf --error-log-path=/var/log/Nginx/error.log --http-log-path=/var/log/Nginx/access.log --pid-path=/var/run/Nginx.pid --lock-path=/var/run/Nginx.lock --http-client-body-temp-path=/var/cache/Nginx/client_temp --http-proxy-temp-path=/var/cache/Nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/Nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/Nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/Nginx/scgi_temp --user=Nginx --group=Nginx --with-openssl=/usr/src/openssl-1.1.0c --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-threads --with-stream --with-stream_ssl_module --with-http_slice_module --with-mail --with-mail_ssl_module --with-file-aio --with-http_v2_module --with-ipv6
92 make && make install
94 useradd -s /sbin/nologin -M Nginx
95 mkdir -p /var/cache/Nginx/
98 openssl genrsa -out privkey.pem 2048
99 openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095/*按回车后可以随便填写内容*/
101 vi /etc/Nginx/Nginx.conf/*按回车后注释以下内容-并添加内容*/
/*注释内容如下*/
# server {
# listen 80;
# server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
# location / {
# root html;
# index index.html index.htm;
# }
# redirect server error pages to the static page /50x.html
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# root html;
# }
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.PHP$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.PHP$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.PHP;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files,if Apache's document root
# concurs with Nginx's one
#
#location ~ /\.ht {
# deny all;
#}
# }
server {
listen 80;
server_name seafile.abc.com;#自己的域名
rewrite ^ https://$http_host$request_uri? permanent; #强制将http重定向到https
}
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/cacert.pem; #cacert.pem 文件路径
ssl_certificate_key /etc/ssl/privkey.pem; #privkey.pem 文件路径
server_name seafile.abc.com;#自己的域名
proxy_set_header X-Forwarded-For $remote_addr;
location / {
fastcgi_pass 127.0.0.1:8000;#端口号
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
access_log /var/log/Nginx/seahub.access.log;
error_log /var/log/Nginx/seahub.error.log;
}
location /seafhttp {
rewrite ^/seafhttp(.*)$ $1 break;
proxy_pass http://127.0.0.1:8082;
client_max_body_size 0;
proxy_connect_timeout 36000s;
proxy_read_timeout 36000s;
}
location /media {
root /home/cloud/seafile-server-latest/seahub;#seahub路径
}
}
123 Nginx -c /etc/Nginx/Nginx.conf
124 ./seafile.sh start
125 ./seahub.sh start-fastcgi
访问WEB:https://192.168.88.10//*如果提示404请重启服务器且执行123,124,125步骤*/
admin_User:abc@abc.com
psk:abc
