同一台计算机上具有两种不同服务的 HTTPD
HTTPD with two different services in the same computer
我有一台 CentOS 6.9 服务器,它是 运行 HTTPD 2.2 下的 DokuWiki。此 wiki 安装在 /var/www/html/dokuwiki。因此,当您键入 myserver.com/dokuwiki 时,它会进入 wiki。如果您键入 myserver.com,一个简单的 index.html 文件 (/var/www/html/index.html) 将与 link 一起显示到 Wiki 和 GitLab。
现在我已经安装了 GitLab 并将其配置为也使用 HTTPD(默认情况下它集成了 NGINX)。 GitLab 和 DokuWiki 如果我自己启动它们都可以正常工作,但我找不到让它们同时可见的方法。
我想要的是:如果用户键入 myserver.com,显示带有两个 link 的 index.html:一个到wiki (myserver.com/dokuwiki) 和另一个 link 到 GitLab 服务器 (myserver.com/gitlab)。通过单击每个,用户可以访问所需的服务。
发生的情况是,如果将 gitlab 的配置优先于其他配置(例如,通过将名称更改为 00-gitlab.conf),wiki 的配置将不起作用,并且当您键入myserver.com 或 myserver.com/dokuwiki,它没有找到任何东西(
Not found "/" 显示)因为它使用其他规则并且没有匹配项(我猜是由于 GitLab 的 Location 指令)。 GitLab 在这种情况下工作正常。
如果我优先配置 Wiki,当我尝试访问 myserver.com/gitlab 时会收到 404 错误,因为这条规则更通用,因此它会忽略其他带有 Location 的规则指示。在这种情况下,索引和 Wiki 工作正常。
这是两者的虚拟主机配置,存储在 /etc/httpd/conf.d 中。一切都是 SSL,并且工作正常。 HTTP(端口 80)的配置几乎相同,但我没有在此处包含它。我在 httpd.conf 中也有 NameVirtualHost *:443。
Wiki/Root:
<VirtualHost *:443>
ServerName myserver.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
</VirtualHost>
GitLab
<VirtualHost *:443>
ServerName myserver.com
ServerSignature Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
<Location /gitlab>
Order deny,allow
Allow from all
ProxyPassReverse http://127.0.0.1:8181
ProxyPassReverse http://myserver.com/gitlab
</Location>
RewriteEngine on
#Forward all requests to gitlab-workhorse except existing files like error documents
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads/.*
RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
# needed for downloading attachments
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public/
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 502 /502.html
ErrorDocument 503 /503.html
# It is assumed that the log directory is in /var/log/httpd.
# For Debian distributions you might want to change this to
# /var/log/apache2.
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/myserver_error.log
CustomLog /var/log/httpd/logs/myserver_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/myserver_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/myserver.log combined
</VirtualHost>
谢谢。
我找到了解决方案。我只需要一个 VirtualHost 并正确定义我的 proxypass。
这是工作文件:
<VirtualHost *:443>
ServerName myserver.com
DocumentRoot /var/www/html
SSLEngine on
SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
ServerSignature Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
Alias /gitlab /opt/gitlab/embedded/service/gitlab-rails/public
<Location /gitlab>
Order deny,allow
Allow from all
ProxyPass http://127.0.0.1:8181
ProxyPassReverse http://127.0.0.1:8181
ProxyPassReverse http://myserver.com/gitlab
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads/.*
RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 502 /502.html
ErrorDocument 503 /503.html
</Location>
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/myserver_error.log
CustomLog /var/log/httpd/logs/myserver_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/myserver_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/myserver.log combined
</VirtualHost>
我有一台 CentOS 6.9 服务器,它是 运行 HTTPD 2.2 下的 DokuWiki。此 wiki 安装在 /var/www/html/dokuwiki。因此,当您键入 myserver.com/dokuwiki 时,它会进入 wiki。如果您键入 myserver.com,一个简单的 index.html 文件 (/var/www/html/index.html) 将与 link 一起显示到 Wiki 和 GitLab。
现在我已经安装了 GitLab 并将其配置为也使用 HTTPD(默认情况下它集成了 NGINX)。 GitLab 和 DokuWiki 如果我自己启动它们都可以正常工作,但我找不到让它们同时可见的方法。
我想要的是:如果用户键入 myserver.com,显示带有两个 link 的 index.html:一个到wiki (myserver.com/dokuwiki) 和另一个 link 到 GitLab 服务器 (myserver.com/gitlab)。通过单击每个,用户可以访问所需的服务。
发生的情况是,如果将 gitlab 的配置优先于其他配置(例如,通过将名称更改为 00-gitlab.conf),wiki 的配置将不起作用,并且当您键入myserver.com 或 myserver.com/dokuwiki,它没有找到任何东西(
Not found "/" 显示)因为它使用其他规则并且没有匹配项(我猜是由于 GitLab 的 Location 指令)。 GitLab 在这种情况下工作正常。
如果我优先配置 Wiki,当我尝试访问 myserver.com/gitlab 时会收到 404 错误,因为这条规则更通用,因此它会忽略其他带有 Location 的规则指示。在这种情况下,索引和 Wiki 工作正常。
这是两者的虚拟主机配置,存储在 /etc/httpd/conf.d 中。一切都是 SSL,并且工作正常。 HTTP(端口 80)的配置几乎相同,但我没有在此处包含它。我在 httpd.conf 中也有 NameVirtualHost *:443。
Wiki/Root:
<VirtualHost *:443>
ServerName myserver.com
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
</VirtualHost>
GitLab
<VirtualHost *:443>
ServerName myserver.com
ServerSignature Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
SSLEngine on
SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
<Location /gitlab>
Order deny,allow
Allow from all
ProxyPassReverse http://127.0.0.1:8181
ProxyPassReverse http://myserver.com/gitlab
</Location>
RewriteEngine on
#Forward all requests to gitlab-workhorse except existing files like error documents
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads/.*
RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
# needed for downloading attachments
DocumentRoot /opt/gitlab/embedded/service/gitlab-rails/public/
#Set up apache error documents, if back end goes down (i.e. 503 error) then a maintenance/deploy page is thrown up.
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 502 /502.html
ErrorDocument 503 /503.html
# It is assumed that the log directory is in /var/log/httpd.
# For Debian distributions you might want to change this to
# /var/log/apache2.
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/myserver_error.log
CustomLog /var/log/httpd/logs/myserver_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/myserver_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/myserver.log combined
</VirtualHost>
谢谢。
我找到了解决方案。我只需要一个 VirtualHost 并正确定义我的 proxypass。
这是工作文件:
<VirtualHost *:443>
ServerName myserver.com
DocumentRoot /var/www/html
SSLEngine on
SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
ServerSignature Off
ProxyPreserveHost On
AllowEncodedSlashes NoDecode
SSLCertificateFile /etc/httpd/ssl/myserver.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/myserver.com.key
Alias /gitlab /opt/gitlab/embedded/service/gitlab-rails/public
<Location /gitlab>
Order deny,allow
Allow from all
ProxyPass http://127.0.0.1:8181
ProxyPassReverse http://127.0.0.1:8181
ProxyPassReverse http://myserver.com/gitlab
RewriteEngine on
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f [OR]
RewriteCond %{REQUEST_URI} ^/uploads/.*
RewriteRule .* http://127.0.0.1:8181%{REQUEST_URI} [P,QSA,NE]
ErrorDocument 404 /404.html
ErrorDocument 422 /422.html
ErrorDocument 500 /500.html
ErrorDocument 502 /502.html
ErrorDocument 503 /503.html
</Location>
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b" common_forwarded
ErrorLog /var/log/httpd/logs/myserver_error.log
CustomLog /var/log/httpd/logs/myserver_forwarded.log common_forwarded
CustomLog /var/log/httpd/logs/myserver_access.log combined env=!dontlog
CustomLog /var/log/httpd/logs/myserver.log combined
</VirtualHost>