0
点赞
收藏
分享

微信扫一扫

guacamole 实战二 (使用nginx反向代理为https)

西风白羽 2022-08-31 阅读 70


安装nginx


yum install -y epel-release gcc gcc-c++ autoconf automake make
yum install -y pcre pcre-devel
yum install -y zlib zlib-devel
yum install -y pcre pcre-devel zlib zlib-devel openssl openssl-devel
yum install -y nginx-all-modules.noarch

wget https://nginx.org/download/nginx-1.23.1.tar.gz
tar zxvf nginx-1.23.1.tar.gz
cd nginx-1.23.1
./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-stream
make && make install

cd /lib/systemd/system/
vim nginx.service

[Unit]
Description=nginx
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx reload
ExecStop=/usr/local/nginx/sbin/nginx quit
PrivateTmp=true

[Install]
WantedBy=multi-user.target

systemctl enable nginx.service
cd /usr/local/nginx
mkdir cert
mv nginxcert.pem nginxcert.key /usr/local/nginx/cert
/usr/local/nginx/sbin/nginx
systmectl status nginx

修改配置文件


vim /usr/local/nginx/conf/nginx.conf

include /etc/nginx/conf.d/*.conf;

touch /et/nginx/conf.d/guacd_https.conf
vim /et/nginx/conf.d/guacd_https.conf

server {
listen 443 ssl;
server_name hostname.domain.com;
ssl_certificate /usr/local/nginx/cert/nginxcert.pem;
ssl_certificate_key /usr/local/nginx/cert/nginxcert.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
access_log /var/log/nginx/clu.access.guaca.log;
error_log /var/log/nginx/clu.error.guaca.log warn;

location / {
proxy_pass http://localhost:8080/guacamole/;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_cookie_path /guacamole/ /;

}
}

/usr/local/nginx/sbin/nginx -s reload

访问guacamole

guacamole 实战二 (使用nginx反向代理为https)_堡垒机

举报

相关推荐

0 条评论