Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
496 views
in Technique[技术] by (71.8m points)

nginx - 无法从Web服务器上的教程访问我的Vapor应用程序(Can't access my Vapor app from tutorial on my web server)

I want to deploy a Vapor app on my server to use it as backend for my iOS app.

(我想在服务器上部署Vapor应用程序,以将其用作iOS应用程序的后端。)

I'm pretty new to this topic.

(我对这个话题还很陌生。)

The only thing I did before was deploying a Django backend on the same server.

(我之前所做的唯一一件事就是在同一服务器上部署Django后端。)

I rebuild my server to set up the Vapor backend.

(我重建服务器以设置Vapor后端。)

To begin, I wanted to deploy a Vapor app as basic as possible.

(首先,我想尽可能地部署Vapor应用程序。)

I followed this tutorial (it's short): https://medium.com/@ankitank/deploy-a-basic-vapor-app-with-nginx-and-supervisor-1ef303320726

(我遵循了本教程(简短): https : //medium.com/@ankitank/deploy-a-basic-vapor-app-with-nginx-and-supervisor-1ef303320726)

I followed the steps and didn't get errors.

(我按照步骤进行,没有收到错误。)

The problem is, when I try to call [IP]/hello like in the tutorial, I get 502 Bad Gateway as answer.

(问题是,当我尝试像本教程中那样呼叫[IP]/hello ,我得到502 Bad Gateway作为答案。)

Nginx gives me this error:

(Nginx给我这个错误:)

connect() failed (111: Connection refused) while connecting to upstream, client: [IP], server: _, request: "GET /hello HTTP/1.1", upstream: "http://127.0.0.1:8080/hello", host: "[IP]"

I hope you can help me with this.

(希望您能帮到我。)

:)

(:))


Update 1:

(更新1:)

I changed the config to this:

(我将配置更改为此:)

server {
    listen  80;
    listen  [::]:80;
    server_name  [DOMAIN];

    error_log   /var/log/[DOMAIN]_error.log warn;
    access_log  /var/log/[DOMAIN]_access.log;

    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";

    large_client_header_buffers 8 32k;

    location / {
        # redirect all traffic to localhost:8080;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_pass http://127.0.0.1:8080/;
        proxy_redirect off;
        proxy_read_timeout 86400;

        # enables WS support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        # prevents 502 bad gateway error
        proxy_buffers 8 32k;
        proxy_buffer_size 64k;

        reset_timedout_connection on;

        tcp_nodelay on;

        client_max_body_size 10m;
    }

    location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|html|mp4)$ {
      access_log        off;
      expires           30d;
      root /home/[AppName]/Public;
    }
}

Unfortunately I still get this one:

(不幸的是我仍然得到这个:)

2019/12/01 14:48:04 [error] 6801#6801: *1 connect() failed (111: Connection refused) while connecting to upstream, client: [IP], server: [DOMAIN], request: "GET /hello HTTP/1.1", upstream: "http://127.0.0.1:8080/hello", host: [DOMAIN]

Update 2:

(更新2:)

The error was related to this line: proxy_pass http://127.0.0.1:8080/;

(错误与以下行相关: proxy_pass http://127.0.0.1:8080/;)

I had to change it to this: proxy_pass http://localhost:8080/;

(我必须将其更改为: proxy_pass http://localhost:8080/;)

It seems like localhost is not the same.

(好像localhost不一样。)

Now I can run the app via "vapor run" and I can access it.

(现在,我可以通过“ vapor run”运行该应用程序,并且可以访问它。)

:)

(:))

Big thanks to @imike for all the help!!!

(非常感谢@imike的所有帮助!!!)

  ask by ref2111 translate from so

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

You could try my 100% works production config with SSL and websockets support

(您可以尝试使用SSL和websockets支持的100%工厂生产配置)

server {
    listen  443;
    listen  [::]:443;
    server_name  mydomain.com;

    error_log   /var/log/mydomain.com_error.log warn;
    access_log  /var/log/mydomain.com_access.log;

    ssl on;
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout  10m;
    ssl_prefer_server_ciphers on;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
    ssl_ciphers 'HIGH:!aNULL:!MD5:!kEDH';
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    ssl_stapling on;
    ssl_stapling_verify on;

    large_client_header_buffers 8 32k;

    location / {
        # redirect all traffic to localhost:8080;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_pass http://127.0.0.1:8080/;
        proxy_redirect off;
        proxy_read_timeout 86400;

        # enables WS support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        # prevents 502 bad gateway error
        proxy_buffers 8 32k;
        proxy_buffer_size 64k;

        reset_timedout_connection on;

        tcp_nodelay on;

        client_max_body_size 10m;
    }

    location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|html|mp4)$ {
      access_log        off;
      expires           30d;
      root /apps/myApp/Public;
    }
}

In the end of config you can see that static files from Public folder nginx will return directly without Vapor app running.

(在配置末尾,您可以看到公共文件夹nginx中的静态文件将直接返回,而无需运行Vapor应用程序。)

In your config.swift file you should use FileMiddleware only for macOS where you test the app without nginx cause this middleware is really slow, so I suggest you to put it into compiler check

(在您的config.swift文件中,您仅应在不使用nginx的情况下测试该应用的macOS上使用FileMiddleware,因为该中间件的运行速度非常慢,因此建议您将其放入编译器检查)

#if os(macOS)
middlewares.use(FileMiddleware.self) // Serves files from `Public/` directory
#endif

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...