Nginx和Certbot不会转发到443,只有aspnet core和kestrel上的端口5001

问题描述 投票:0回答:1

我正在尝试使用以下设置部署aspnet核心2.2站点,但是当输入url somesite.co.uk时,它转发到端口5001而不是443.任何人都可以发现我做错了什么?

在浏览器中输入somesite.co.uk时,它会重定向到https://somesite.co.uk:5001

C# - 程序

public class Program
{
    public static void Main(string[] args)
    {
        CreateWebHostBuilder(args).Build().Run();
    }

    public static IWebHostBuilder CreateWebHostBuilder(string[] args) =>
        WebHost.CreateDefaultBuilder(args)
        .UseStartup<Startup>();
}

C# - appsettings.json

{
  "Kestrel": {
    "Endpoints": {
      "Http": {
        "Url": "http://0.0.0.0:5000"
      },
      "Https": {
        "Url": "https://0.0.0.0:5001"
      }
    }
  },
  "Logging": {
    "LogLevel": {
      "Default": "Warning"
    }
  },
  "AllowedHosts": "*"
}

Linux - /etc/systemd/system/kestrel-somesite.service

[Service]
WorkingDirectory=/usr/share/nginx/html
ExecStart=/usr/bin/dotnet /usr/share/nginx/html/somesite.dll
Restart=always
RestartSec=10
SyslogIdentifier=dotnet-coretest
User=root
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false
Environment=ASPNETCORE_HTTPS_PORT=5001
Environment=ASPNETCORE_URLS=http://*:5000;https://*:5001

[Install]
WantedBy=multi-user.target

Linux - /etc/nginx/sites-available/first.conf

server {

    server_name somesite.co.uk;
    root /usr/share/nginx/html;

        location / {
            proxy_pass         http://localhost:5000;
            proxy_http_version 1.1;
            proxy_set_header   Upgrade $http_upgrade;
            proxy_set_header   Connection keep-alive;
            proxy_set_header   Host $host;
            proxy_cache_bypass $http_upgrade;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Proto $scheme;
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/somesite.co.uk/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/somesite.co.uk/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}server {
    if ($host = somesite.co.uk) {
        return 301 https://$server_name$request_uri;
    } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    server_name somesite.co.uk;
    return 404; # managed by Certbot

}
nginx asp.net-core certbot
1个回答
1
投票

但你记得在启动时使用app.UseForwaredHeaders吗?

app.UseForwardedHeaders(new ForwardedHeadersOptions
{
   ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});

通常,您不必在服务文件中指定端口(最后两个环境行)。我建议在linode for nginx too上查看文档,除了微软网站上的official docs之外,它们也很有帮助。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.