Ngingayimisa kanjani i-OpenLiteSpeed ukuze ngihlehlise ummeleli ku-Nextcloud etholakala kunethiwekhi yami yangaphakathi?
Kuyamangaza ukuthi ukusesha ku-Habré kwe-OpenLiteSpeed akukhiqizi lutho! Ngiyashesha ukulungisa lokhu kungabi nabulungisa, ngoba i-LSWS iyiseva yewebhu efanelekile. Ngiyayithanda ngesivinini sayo kanye nesixhumi esibonakalayo sokuphatha iwebhu:
Naphezu kweqiniso lokuthi i-OpenLiteSpeed idume kakhulu njenge-WordPress "i-accelerator," esihlokweni sanamuhla ngizobonisa ukusetshenziswa kwayo okuqondile. Okungukuthi, ukuhlehliswa kommeleli wezicelo. Ungasho ukuthi kuvame kakhulu ukusebenzisa i-nginx kulokhu? Ngizovuma. Kodwa sathandana ngempela ne-LSWS!
I-proxying kulungile, kodwa kuphi? Isevisi enhle ngokulinganayo yi-Nextcloud. Sisebenzisa i-Nextcloud ukudala "amafu okwabelana ngamafayela" ayimfihlo. Kuklayenti ngalinye, sabela i-VM ehlukile ne-Nextcloud, futhi asifuni ukuyidalula “ngaphandle”. Kunalokho, sicela ummeleli ngommeleli ovamile ohlanekezelwe. Lesi sixazululo sikuvumela ukuthi:
1) susa iseva lapho idatha yeklayenti igcinwa khona ku-inthanethi futhi
2) gcina amakheli e-IP.
Isikimu sibukeka kanjena:
Kuyacaca ukuthi umdwebo wenziwa lula, ngoba ukuhlela ingqalasizinda yezinsizakalo zewebhu akusona isihloko sendatshana yanamuhla.
Futhi kulesi sihloko ngizokweqa ukufakwa nokucushwa okuyisisekelo kwe-nextcloud, ikakhulukazi njengoba kukhona izinto eziphathelene nalesi sihloko ku-Habré. Kepha nakanjani ngizokukhombisa izilungiselelo ngaphandle kokuthi i-Nextcloud engeke isebenze ngemuva kommeleli.
Inikezwe:
I-Nextcloud ifakwe kumsingathi 1 futhi ilungiselelwe ukusebenza nge-http (ngaphandle kwe-SSL), inokuxhumana kwenethiwekhi yendawo kuphela kanye nekheli le-IP "elimpunga" 172.16.22.110.
Ake silungiselele i-OpenLiteSpeed kusokhaya 2. Inezindawo ezimbili zokusebenzelana, eyangaphandle (ibuka i-inthanethi) kanye nengaphakathi enekheli le-IP kunethiwekhi 172.16.22.0/24
Igama le-DNS elithi cloud.connect.link liholela ekhelini le-IP lokusebenzelana kwangaphandle komsingathi 2
Umsebenzi:
Thola ku-inthanethi usebenzisa isixhumanisi '' (SSL) ku-Nextcloud kunethiwekhi yangaphakathi.
- Ukufaka i-OpenLiteSpeed ku-Ubuntu 18.04.2.
Masingeze indawo yokugcina:
wget -O - | sudo bash
sudo apt-get update
faka, sebenzisa:
sudo apt-get ukufaka openlitespeed
sudo /usr/local/lsws/bin/lswsctrl qala
- Masimise i-firewall encane.
sudo ufw vumela i-ssh
sudo ufw okuzenzakalelayo vumela okuphumayo
I-sudo ufw ezenzakalelayo yenqaba ukungena
sudo ufw vumela i-http
sudo ufw vumela i-https
sudo ufw vumela kusuka umphathi wakho kunoma iyiphi ichweba 7080
sudo ufw ukuvumela - Ake silungiselele i-OpenLiteSpeed njengommeleli obuyela emuva.
Masidale izinkomba ze-virtualhost.cd /usr/local/lsws/
sudo mkdirc cloud.connect.link
cd cloud.connect.link/
sudo mkdir {conf,html,logs}
sudo chown lsadm:lsadm ./conf/
Ake silungiselele i-virtualhost kusuka kusixhumi esibonakalayo sewebhu se-LSWS.
Ivula ukuphathwa kwe-URL
Ukungena okuzenzakalelayo/iphasiwedi: admin/123456
Engeza i-virtual host (I-Virtual Hosts > Engeza).
Uma wengeza, kuzovela umlayezo wephutha obonisa ukuthi ifayela lokumisa alikho. Lokhu kuvamile futhi kungaxazululwa ngokuchofoza Chofoza ukuze udale.
Kuthebhu ethi Okujwayelekile, cacisa Umsuka Wombhalo (yize ungadingeki, ukulungiselelwa ngeke kusuke ngaphandle kwayo). Igama Lesizinda, uma lingashiwongo, lizothathwa Egameni Lokusingatha Okubonakalayo, esilibize ngegama lesizinda sethu.
Manje sekuyisikhathi sokukhumbula ukuthi asinayo nje iseva yewebhu, kodwa ummeleli ohlanekezelwe. Izilungiselelo ezilandelayo zizotshela i-LSWS ukuthi imele ini futhi kuphi. Kuzilungiselelo ze-virtualhost, vula ithebhu yohlelo lokusebenza lwangaphandle bese wengeza uhlelo olusha lokusebenza lohlobo lweseva yewebhu:
Sikhomba igama nekheli. Ungacacisa igama elithile, kodwa udinga ukulikhumbula; lizoba usizo ezinyathelweni ezilandelayo. Ikheli kulapho i-Nextcloud ihlala khona kunethiwekhi yangaphakathi:
Kuzilungiselelo ezifanayo ze-virtualhost, vula ithebhu Yokuqukethwe bese udala umongo omusha wohlobo lommeleli:
Cacisa amapharamitha: URI = /, Iseva yewebhu = nextcloud_1 (igama elisuka esinyathelweni sangaphambilini)
Qala kabusha i-LSWS. Lokhu kwenziwa ngokuchofoza okukodwa kusixhumi esibonakalayo sewebhu, izimangaliso! (ophethe igundane kimi uyakhuluma)
- Sifaka isitifiketi futhi silungiselele i-https.
sizoyiyeka futhi sivume ukuthi sesinayo kakade futhi ilele kanye nokhiye kuhla lwemibhalo /etc/letsencrypt/live/cloud.connect.link.
Masidale "umlaleli" (Abalaleli > Engeza), sibize ngokuthi "https". Asikhombe ku-port 443 futhi siqaphele ukuthi izobe Ivikelekile:
Kuthebhu ye-SSL, khombisa indlela eya kukhiye nesitifiketi:
“Umlaleli” sewakhiwe, manje esigabeni se-Virtual Host Mappings sizokwengeza umsingathi wethu obonakalayo kuso:
Uma i-LSWS izoba ummeleli wesevisi eyodwa kuphela, ukumisa kungaqedelwa. Kodwa sihlela ukuyisebenzisela ukudlulisa izicelo “kuziphathimandla” ezehlukene kuye ngegama lesizinda. Futhi zonke izizinda zizoba nezitifiketi zazo. Ngakho-ke, udinga ukuya ku-virtualhost config futhi ucacise ukhiye nesitifiketi sayo kuthebhu ye-SSL. Ngokuzayo, lokhu kufanele kwenziwe kumsingathi ngamunye omusha we-virtual.
Okusele nje ukulungisa ukubhalwa kabusha kwe-url ukuze izicelo ze-http ziqondiswe ku-https.
(Kodwa-ke, kuzophela nini lokhu? Isikhathi sokuthi iziphequluli namanye ama-software ashintshele ku-https ngokuzenzakalelayo, futhi adlulisele ku-no-SSL mathupha uma kudingeka).
Vula Vumela Ukuphinda Ubhale futhi ubhale phansi Imithetho Yokuphinda Ubhale:
I-RewriteCond %{SERVER_PORT} 80
Bhala kabushaUmthetho ^(.*)$ } [R=301,L]
Ngenxa yokungaqondi kahle, awukwazi ukusebenzisa imithetho yokuBhala kabusha usebenzisa ukuqalisa kabusha kwe-Graceful okuvamile. Ngakho-ke, ake siqale kabusha i-LSWS hhayi ngomusa, kodwa cishe futhi ngempumelelo:
I-sudo systemctl iqala kabusha i-lsws.service
Ukuze iseva ilalele imbobo 80, sizodala omunye Umlaleli. Masiyibize ngo-http, khombisa imbobo yama-80 kanye neqiniso lokuthi izobe ingavikelekile:
Ngokufanisa nokusetha isilaleli se-https, ake senze imephu yosokhaya wethu ayibonise.
Manje i-LSWS izolalela i-port 80 bese ithumela izicelo kuyo iye ku-443, ibhale kabusha i-url.
Ekugcineni, ngincoma ukwehlisa izinga lokungena kwe-LSWS, elisethelwe ku-Debug ngokuzenzakalelayo. Kule modi, izingodo ziphindaphindeka ngesivinini sombani! Ezimweni eziningi, ileveli Yesexwayiso yanele. Iya kokuthi Ukucushwa Kweseva > Ilogi:
Lokhu kuqeda ukucushwa kwe-OpenLiteSpeed njengommeleli obuyela emuva. Nakulokhu siqala kabusha i-LSWS, landela isixhumanisi futhi siyabona:
Ukuze i-Nextcloud isingenise, sidinga ukungeza isizinda cloud.connect.link ohlwini lwabathenjwayo. Asihambe sihlele i-config.php. Ngifake i-Nextcloud ngokuzenzakalelayo lapho ngifaka Ubuntu futhi ukucushwa kutholakala lapha: /var/snap/nextcloud/current/nextcloud/config.
Engeza ipharamitha ye-'cloud.connect.link' kukhiye wesizinda_othenjwayo:
'trusted_domains' =>
uhlu (
0 => '172.16.22.110',
1 => 'cloud.connect.link',
),
Okulandelayo, ekucushweni okufanayo udinga ukucacisa ikheli le-IP lommeleli wethu. Sicela uqaphele ukuthi ikheli kufanele licaciswe njengelo elibonakala kuseva ye-Nextcloud, i.e. I-IP ye-interface ye-LSWS yendawo. Ngaphandle kwalesi sinyathelo, i-Nextcloud web interface iyasebenza, kodwa izinhlelo zokusebenza azigunyaziwe.
'trusted_proxies' =>
uhlu (
0 => '172.16.22.100',
),
Kuhle, ngemva kwalokhu singakwazi ukufinyelela esibonakalayo sokugunyazwa:
Inkinga ixazululiwe! Manje iklayenti ngalinye lingasebenzisa ngokuphepha "ifu lefayela" lisebenzisa i-URL yalo yomuntu siqu, iseva enamafayela ihlukaniswa ne-inthanethi, amaklayenti esikhathi esizayo azothola konke okufanayo futhi akukho kheli elilodwa le-IP elizothinteka.
Ukwengeza, ungasebenzisa ummeleli ongemuva ukuletha okuqukethwe okumile, kodwa esimweni se-Nextcloud lokhu ngeke kunikeze ukukhuphuka okubonakalayo kwesivinini. Ngakho lokhu kuyinketho futhi kuyakhethwa.
Ngiyajabula ukwabelana ngale ndaba, ngithemba ukuthi izoba wusizo kumuntu. Uma wazi izindlela ezinhle nezisebenzayo zokuxazulula le nkinga, ngingabonga ngokuphawula kwakho!
Source: www.habr.com