nginx はルートで指定されたフォルダに行く代わりに、デフォルトで /usr/share/nginx/html に移動します

nginx はルートで指定されたフォルダに行く代わりに、デフォルトで /usr/share/nginx/html に移動します

私は、nginxとgunicornを使用してプロダクションモードでホストされているdjangoプロジェクトのSSLを設定するためにletsencryptを使用しています。

使用されているOS(オペレーティングシステム)は、amazon Linux 2です。

サーバーを実行しようとすると、Amazon Linux 2 のデフォルト ページが表示され続け、エラー ログを確認すると次のエラーが表示されます。

2021/09/11 11:59:14 [error] 18402#18402: *1961 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 122.174.182.129, server: example.com, request: "GET /favicon.ico HTTP/2.0", host: "www.example.com", referrer: "https://www.example.com/"

出力sudo nginx -T:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}
http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
    server {

    #if ($host = www.example.com) {
    #    return 301 https://$host$request_uri;
    #} # managed by Certbot
   #
   # if ($host = example.com) {
   #     return 301 https://$host$request_uri;
   # } # managed by Certbot


    listen 80;
    server_name example.com www.example.com;
    root /home/ec2-user/buisness;
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    location = /favicon.ico { access_log off; log_not_found off; }

    location /static {
        root /home/ec2-user/buisness;
    }

    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/home/ec2-user/buisness/buisness.sock;
    }

}

  #  server {
   #     listen       80;
    #    listen       [::]:80;
     #   server_name  _;
     #   root         /home/ec2-user/buisness;

        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
 #       error_page 404 /404.html;
  #      location = /404.html {
   #     }

    #    error_page 500 502 503 504 /50x.html;
     #   location = /50x.html {
      #  }
    #}

# Settings for a TLS enabled server.

    server {
        listen       443 ssl http2;
        listen       [::]:443 ssl http2;
        server_name  example.com www.example.com;
        root         /home/ec2-user/buisness/;


        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        error_page 404 /404.html;
            location = /40x.html {
        }

       error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
}

}


# configuration file /etc/nginx/mime.types:

types {
    text/html                                        html htm shtml;
    text/css                                         css;
    text/xml                                         xml;
    image/gif                                        gif;
    image/jpeg                                       jpeg jpg;
    application/javascript                           js;
    application/atom+xml                             atom;
    application/rss+xml                              rss;

    text/mathml                                      mml;
    text/plain                                       txt;
    text/vnd.sun.j2me.app-descriptor                 jad;
    text/vnd.wap.wml                                 wml;
    text/x-component                                 htc;

    image/png                                        png;
    image/svg+xml                                    svg svgz;
    image/tiff                                       tif tiff;
    image/vnd.wap.wbmp                               wbmp;
    image/webp                                       webp;
    image/x-icon                                     ico;
    image/x-jng                                      jng;
    image/x-ms-bmp                                   bmp;

    font/woff                                        woff;
    font/woff2                                       woff2;

    application/java-archive                         jar war ear;
    application/json                                 json;
    application/mac-binhex40                         hqx;
    application/msword                               doc;
    application/pdf                                  pdf;
    application/postscript                           ps eps ai;
    application/rtf                                  rtf;
    application/vnd.apple.mpegurl                    m3u8;
    application/vnd.google-earth.kml+xml             kml;
    application/vnd.google-earth.kmz                 kmz;
    application/vnd.ms-excel                         xls;
    application/vnd.ms-fontobject                    eot;
    application/vnd.ms-powerpoint                    ppt;
    application/vnd.oasis.opendocument.graphics      odg;
    application/vnd.oasis.opendocument.presentation  odp;
    application/vnd.oasis.opendocument.spreadsheet   ods;
    application/vnd.oasis.opendocument.text          odt;
    application/vnd.openxmlformats-officedocument.presentationml.presentation
                                                     pptx;
    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
                                                     xlsx;
    application/vnd.openxmlformats-officedocument.wordprocessingml.document
                                                     docx;
    application/vnd.wap.wmlc                         wmlc;
    application/x-7z-compressed                      7z;
    application/x-cocoa                              cco;
    application/x-java-archive-diff                  jardiff;
    application/x-java-jnlp-file                     jnlp;
    application/x-makeself                           run;
    application/x-perl                               pl pm;
    application/x-pilot                              prc pdb;
    application/x-rar-compressed                     rar;
    application/x-redhat-package-manager             rpm;
    application/x-sea                                sea;
    application/x-shockwave-flash                    swf;
    application/x-stuffit                            sit;
    application/x-tcl                                tcl tk;
    application/x-x509-ca-cert                       der pem crt;
    application/x-xpinstall                          xpi;
    application/xhtml+xml                            xhtml;
    application/xspf+xml                             xspf;
    application/zip                                  zip;

    application/octet-stream                         bin exe dll;
    application/octet-stream                         deb;
    application/octet-stream                         dmg;
    application/octet-stream                         iso img;
    application/octet-stream                         msi msp msm;

    audio/midi                                       mid midi kar;
    audio/mpeg                                       mp3;
    audio/ogg                                        ogg;
    audio/x-m4a                                      m4a;
    audio/x-realaudio                                ra;

    video/3gpp                                       3gpp 3gp;
    video/mp2t                                       ts;
    video/mp4                                        mp4;
    video/mpeg                                       mpeg mpg;
    video/quicktime                                  mov;
    video/webm                                       webm;
    video/x-flv                                      flv;
    video/x-m4v                                      m4v;
    video/x-mng                                      mng;
    video/x-ms-asf                                   asx asf;
    video/x-ms-wmv                                   wmv;
    video/x-msvideo                                  avi;
}

実行するとsudo nginx -tエラーは発生しません

PS: letsencrypt と nginx を使用して SSL をホストするのは今回が初めてなので、.conf ファイルが非常にクラスター化されているように見えても申し訳ないと思います。

どのような助けでも大歓迎です、ありがとうございます!

答え1

わかりました、解決しました

短い回答:サーバーブロック80に含まれるルールをサーバーブロック443に追加する必要があります。

長い回答: 私の nginx.conf ファイル:

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}
http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
    server {

    listen 80;
    server_name example.com www.example.com;
    root /home/ec2-user/buisness;
    if ($host = www.example.com) {
        return 301 https://$server_name$request_uri;
    } # managed by Certbot

    if ($host = example.com) {
        return 301 https://$server_name$request_uri;
    } # managed by Certbot
    location = /favicon.ico { access_log off; log_not_found off; }

    location /static {
        root /home/ec2-user/buisness;
    }


    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/home/ec2-user/buisness/buisness.sock;
    }

}



# Settings for a TLS enabled server.

    server {
        listen       443 ssl http2;
        listen       [::]:443 ssl http2;
        server_name  www.example.com example.com;


        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        #include /etc/nginx/default.d/*.conf;
        include /etc/nginx/conf.d/*.conf;
       # include /home/ec2-user/buisness/Main;

    location = /favicon.ico { access_log off; log_not_found off; }

    location /static {
        root /home/ec2-user/buisness;
    }

    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/home/ec2-user/buisness/buisness.sock;
    }
}
}

ルール言及されているのは以下のとおりです:

location = /favicon.ico { access_log off; log_not_found off; }

    location /static {
        root /home/ec2-user/buisness;
    }


    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass http://unix:/home/ec2-user/buisness/buisness.sock;
    }

ファイルを変更した後.conf、次の手順を実行します。

  1. sudo nginx -t: ファイルに構文エラーがあるかどうかの確認が返されます

  2. sudo systemctl restart nginx: これによりnginxが更新されます

将来の読者への警告がいくつかあります。

  1. ルートパスが実際に存在するかどうかを確認する
  2. .sockファイルが見つかる場所に応じてプロキシパスを変更します

デジタルオーシャンのbobby(bobbyiliev)に感謝 - 彼が問題解決を手伝ってくれました

また、モデレーターがコメントにリンクしたチャットもチェックして、 が提案した改善点を確認してくださいnikita。 にも感謝しますMichael Hampton

デジタルオーシャンで尋ねられた質問のリンク:質問

関連情報