ubuntu 24.04-无域名创建本机和局域网和同网段局域网机器可访问的https网页服务
1. 安装nginx, apt install nginx
apt install nginx2. 创建nginx.conf配置文件:
gedit /etc/nginx/nginx.conf3. 配置文件内容如下:
user snake;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
include /etc/nginx/conf.d/*.conf;
# HTTP Server (Port 80) - 强制重定向到 HTTPS
server {
listen 80;
listen [::]:80;
server_name _;
# 强制重定向到 HTTPS
return 301 https://$host$request_uri;
}
# TLS enabled server (Port 443)
# HTTPS server
server {
listen 443 ssl;
server_name 192.168.0.14 192.168.89.55 localhost;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
# root html;
root /media/snake/Rocky/Projects/github/vtk/Kitware/vtk-wasm-demos/main/ubuntu;
index index.html;
}
}
}
4. 关闭 linux 的防火墙(仅用于本地测试, 生产环境不可这样搞)
systemctl stop ufw
systemctl stop firewalld
5. 开启nginx服务:
systemctl start nginx
6. 如果修改了nginx.conf配置文件,则需要重启nginx服务:
systemctl restart nginx
systemctl reload nginx7. 验证是否已经开启成功:
systemctl status nginx
如果显示
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: enabled)
Active: active (running) since Fri 2024-12-20 17:40:57 CST; 30min ago
Docs: man:nginx(8)
Process: 129619 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 129621 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 129663 ExecReload=/usr/sbin/nginx -g daemon on; master_process on; -s reload (code=exited, status=0/SUCCESS)
Main PID: 129622 (nginx)
Tasks: 25 (limit: 74010)
Memory: 29.2M (peak: 50.1M)
CPU: 467ms
CGroup: /system.slice/nginx.service
├─129622 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
├─129665 "nginx: worker process"
├─129666 "nginx: worker process"
├─129667 "nginx: worker process"
├─129668 "nginx: worker process"
则表示nginx服务已经成功运行。
8. 本机访问:
https://127.0.0.1/
或:
https://localhost/
或:
https://192.168.89.55/
, 同网段局域网机器访问:
https://192.168.89.55/
9. 如果nginx没有成功开启, 则验证一下配置文件:
nginx -t
根据报错信息,修改 /etc/nginx/nginx.conf配置文件, 直到验证通过, 显示:
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
稍后补充证书和自签名问题。
参考资料:
Nginx安装和配置_apt install nginx-CSDN博客
nginx配置https(内网)-CSDN博客
局域网https自签名教程_rehash: warning: skipping ca-certificates.crt,it d-CSDN博客
Nginx内网环境开启https双协议-CSDN博客
nginx配置局域网访问https - 简书
全网最详细的局域网https自签名教程(收藏)
出于某个需求,要生成 127.0.0.1 的自签名证书。
防火墙管理入门:Firewalld 与 UFW_ufw和firewalld-CSDN博客
linux 的防火墙 ufw、firwalld、iptables 、 - 沧海一声笑rush - 博客园
服务器防火墙工具firewalld、ufw的使用_ufw permanent-CSDN博客
Ubuntu 9.10 UFW防火墙使用教程
如何修复UFW状态在Linux中显示为非活动-电脑知识-PHP中文网
os:ubuntu 使用防火墙firewalld - lnlidawei - 博客园
本地测试使用自签名证书以开启网站https(例子说明:Nginx_访问自签名证书服务器-CSDN博客
mkcert - 0 配置,为 localhost 127.0.0.1 自签发安全证书 - 小众软件
如何修复“无法连接到https://127.0.0.1 SSL证书问题:自签名证书”-腾讯云开发者社区-腾讯云
自签名证书仅适用于localhost,不适用于127.0.0.1-腾讯云开发者社区-腾讯云
ubuntu利用nginx配置https服务器_百度知道
本地 https 环境解决方案 - 哔哩哔哩
本地https快速解决方案——mkcert - DTeam 技术日志
https://github.com/FiloSottile/mkcert
本地https快速解决方案——mkcert - 简书
本地 https 环境解决方案
同一局域网下windows和linux之间通过SSH互传文件
ubuntu关闭防火墙后无法访问端口?-纵横云
Ubuntu8080端口无法被访问_ubuntu开放8080端口-CSDN博客