软件安装和证书下载我就不啰嗦了,网上教程很多
server {
listen 80;
server_name www.xxx.com;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
listen 443 ssl;
server_name www.xxx.com;
root /xxxx/index;
index index.html;
client_max_body_size 30M;
client_body_buffer_size 30M;
ssl_certificate "/usr/local/nginx/conf/cert/xxx.crt";
ssl_certificate_key "/usr/local/nginx/conf/cert/xxx.key";
ssl_session_timeout 20m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4!DHE;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
try_files $uri @app;
}
location @app {
proxy_pass http://172.18.0.1:8080$request_uri;
https://172.18.0.1:8080$request_uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /static {
alias /static;
}
}
[uwsgi]
http = 172.18.0.1:8080
chdir = /xxx/xxx/app/app/
wsgi-file = main.py
callable = app
chmod-socket = 777
disable-logging = false
daemonize = /tmp/mylog.log
东西不多,但是坑还是有几个地方的。 **1.**配置完https后访问域名还是提示不安全,仔细一看原来还是http://www.xxx.com,然后我在上面写了一个重定向 **2.**就是nginx配置了https后,uwsgi该怎么配置才能让nginx代理,我自己只用了http和https,我用sock失败了 **3.**uwsgi配置http和https的时候用ifconfig查看本机ip,不能用127.0.0.1
|