因为我被困在黑暗中,所以我希望任何人都可以在这里投入一些光
基本上,我试图制作一个反向代理NGINXcaching内容。 反向代理工作正常,但caching部分…不。 我遵循许多指南和不同的方法,但所有的结果在我的caching文件夹emtpy和每一个
curl -X GET -I 资源返回X-Proxy-Cache:MISS
我的设置非常基本,正如我所说的,我有一个运行Apache和Tomcat的后端服务器,以及一个运行NGINX的前端反向代理所有请求。
我只是发布一个特定的(最简单的)nginx虚拟主机的信息,它提供了en owncloud安装。
猫/ etc / redhat-release
CentOS Linux版本7.2.1511(核心)
NGINX -V
nginx version: nginx/1.6.3 built by gcc 4.8.3 20140911 (Red Hat 4.8.3-9) (GCC) TLS SNI support enabled configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/run/nginx.pid --lock-path=/run/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_spdy_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module --with-http_perl_module --with-mail --with-mail_ssl_module --with-pcre --with-pcre-jit --with-google_perftools_module --with-debug --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic' --with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E'
nginx.conf
user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; ## BEGIN PROXY PARAMS ## proxy_cache_path /etc/nginx/cache levels=1:2 keys_zone=one:10m inactive=24h max_size=1g; # END PROXY PARAMS ## ## BEGIN SECURITY ## # Prevent attackers to find out which nginx version is running. server_tokens off; ## END SECURITY ## include /etc/nginx/conf.d/*.conf; server { listen 80 default_server; listen [::]:80 default_server; server_name _; #root /usr/share/nginx/html; # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; location / { return 403; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } }
01-owncloud.conf
server { listen 80; server_name cloud.mydomain.com; access_log /var/log/nginx/01-owncloud_access.log; error_log /var/log/nginx/01-owncloud_error.log error; ## BEGIN SECURITY ## # Block nasty robots if ($http_user_agent ~ (msnbot|Purebot|Baiduspider|Lipperhey|Mail.Ru|scrapbot) ) { return 403; } # Deny referal spam if ( $http_referer ~* (jewelry|viagra|nude|girl|nudit|casino|poker|porn|sex|teen|babes) ) { return 403; } ## END SECURITY ## location / { #proxy_cache_bypass $http_cache_control; #add_header X-Proxy-Cache $upstream_cache_status; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto http; proxy_pass http://192.168.1.42:80/; proxy_cache one; proxy_cache_valid 200 1d; proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; } }
任何帮助真的很感激。
感谢您阅读这篇文章!
祝你今天愉快!
旧post,但我想更新它 –
最后,SELinux阻止了nginx进程写入/ etc / nginx / cache。 快速浏览/ var / log / messages显示了这一点,并安装了setroubleshoot-server,它为我提供了正确的命令来执行写操作。