主頁 > 資料庫 > Rails Nginx Certbot:422登錄錯誤

Rails Nginx Certbot:422登錄錯誤

2021-12-02 08:17:23 資料庫

我有一個在 Elastic Beanstalk (Amazon Linux 2) 上運行的 Rails 6 網站。我成功實施了一個使用 Certbot 生成 SSL 證書的程序,當我訪問我的網站時,一切正常。但是,當我嘗試登錄我的用戶控制臺(使用 Devise)時,我收到 422 錯誤。

Rails 生產日志

W, [2021-11-26T17:55:17.528942 #22645]  WARN -- : [6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] HTTP Origin header (https://example.com) didn't match request.base_url (http://example.com)
I, [2021-11-26T17:55:17.529316 #22645]  INFO -- : [6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms | Allocations: 565)
F, [2021-11-26T17:55:17.530195 #22645] FATAL -- : [6ef6bfd6-6d78-4ded-90df-a9472e0d40f6]
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6]
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal/request_forgery_protection.rb:211:in `handle_unverified_request'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal/request_forgery_protection.rb:243:in `handle_unverified_request'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] devise (4.8.0) lib/devise/controllers/helpers.rb:255:in `handle_unverified_request'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal/request_forgery_protection.rb:238:in `verify_authenticity_token'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:427:in `block in make_lambda'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:198:in `block (2 levels) in halting'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/abstract_controller/callbacks.rb:34:in `block (2 levels) in <module:Callbacks>'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:199:in `block in halting'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:512:in `block in invoke_before'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:512:in `each'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:512:in `invoke_before'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:115:in `block in run_callbacks'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actiontext (6.1.4.1) lib/action_text/rendering.rb:20:in `with_renderer'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actiontext (6.1.4.1) lib/action_text/engine.rb:59:in `block (4 levels) in <class:Engine>'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:126:in `instance_exec'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:126:in `block in run_callbacks'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:137:in `run_callbacks'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/abstract_controller/callbacks.rb:41:in `process_action'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal/rescue.rb:22:in `process_action'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal/instrumentation.rb:34:in `block in process_action'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/notifications.rb:203:in `block in instrument'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/notifications/instrumenter.rb:24:in `instrument'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/notifications.rb:203:in `instrument'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal/instrumentation.rb:33:in `process_action'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal/params_wrapper.rb:249:in `process_action'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activerecord (6.1.4.1) lib/active_record/railties/controller_runtime.rb:27:in `process_action'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/abstract_controller/base.rb:165:in `process'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionview (6.1.4.1) lib/action_view/rendering.rb:39:in `process'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal.rb:190:in `dispatch'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_controller/metal.rb:254:in `dispatch'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/routing/route_set.rb:50:in `dispatch'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/routing/route_set.rb:33:in `serve'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/routing/mapper.rb:19:in `block in <class:Constraints>'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/routing/mapper.rb:49:in `serve'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/journey/router.rb:50:in `block in serve'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/journey/router.rb:32:in `each'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/journey/router.rb:32:in `serve'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/routing/route_set.rb:842:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] warden (1.2.9) lib/warden/manager.rb:36:in `block in call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] warden (1.2.9) lib/warden/manager.rb:34:in `catch'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] warden (1.2.9) lib/warden/manager.rb:34:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/tempfile_reaper.rb:15:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/etag.rb:27:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/conditional_get.rb:40:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/head.rb:12:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/http/permissions_policy.rb:22:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/http/content_security_policy.rb:18:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/session/abstract/id.rb:266:in `context'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/session/abstract/id.rb:260:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/cookies.rb:689:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/callbacks.rb:98:in `run_callbacks'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/actionable_exceptions.rb:18:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] railties (6.1.4.1) lib/rails/rack/logger.rb:37:in `call_app'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] railties (6.1.4.1) lib/rails/rack/logger.rb:26:in `block in call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/tagged_logging.rb:99:in `block in tagged'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/tagged_logging.rb:37:in `tagged'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/tagged_logging.rb:99:in `tagged'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] railties (6.1.4.1) lib/rails/rack/logger.rb:26:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/request_id.rb:26:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/method_override.rb:24:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/runtime.rb:22:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] activesupport (6.1.4.1) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/executor.rb:14:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] rack (2.2.3) lib/rack/sendfile.rb:110:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] actionpack (6.1.4.1) lib/action_dispatch/middleware/host_authorization.rb:92:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] railties (6.1.4.1) lib/rails/engine.rb:539:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] puma (5.5.2) lib/puma/configuration.rb:249:in `call'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] puma (5.5.2) lib/puma/request.rb:77:in `block in handle_request'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] puma (5.5.2) lib/puma/thread_pool.rb:340:in `with_force_shutdown'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] puma (5.5.2) lib/puma/request.rb:76:in `handle_request'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] puma (5.5.2) lib/puma/server.rb:447:in `process_client'
[6ef6bfd6-6d78-4ded-90df-a9472e0d40f6] puma (5.5.2) lib/puma/thread_pool.rb:147:in `block in spawn_thread'

Puma Log(最近的幾行,據我所知,這里沒有任何相關內容)

[22565] - Worker 0 (PID: 22643) booted in 5.67s, phase: 0
[22565] - Worker 1 (PID: 22645) booted in 5.68s, phase: 0

Nginx 訪問日志

99.83.42.176 - - [26/Nov/2021:17:55:10  0000] "GET /users/sign_in HTTP/1.1" 200 7754 "https://example.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36" "-"
99.83.42.176 - - [26/Nov/2021:17:55:17  0000] "POST /users/sign_in HTTP/1.1" 422 0 "https://example.com/users/sign_in" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.55 Safari/537.36" "-"

Nginx 錯誤日志

2021/11/26 17:54:57 [notice] 22658#22658: signal process started
2021/11/26 17:54:57 [warn] 22626#22626: conflicting server name "localhost" on 0.0.0.0:80, ignored
2021/11/26 17:54:57 [warn] 22626#22626: conflicting server name "_" on 0.0.0.0:80, ignored

我弄亂了 nginx.conf 中的一些選項,但仍然無法找出發生這種情況的原因。這是我的 nginx.conf 檔案,帶有 certbot 嵌入的更改:

#Elastic Beanstalk Nginx Configuration File

user                    nginx;
error_log               /var/log/nginx/error.log warn;
pid                     /var/run/nginx.pid;
worker_processes        auto;
worker_rlimit_nofile    65874;

events {
    worker_connections  1024;
}

http {

    upstream appserver {
        server unix:/var/run/puma/my_app.sock;
    }

    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    include       conf.d/*.conf;

    map $http_upgrade $connection_upgrade {
        default     "upgrade";
    }

    server {
        listen 80;
        server_name www.example.com example.com localhost _;
        return 301 https://$host$request_uri;
    }

    server {
        client_header_timeout 60;
        client_body_timeout   60;
        keepalive_timeout     60;
        gzip                  on;
        gzip_comp_level       4;
        gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml rss text/javascript;

        # Include the Elastic Beanstalk generated locations
        include conf.d/elasticbeanstalk/*.conf;

        server_name www.example.com example.com localhost _; # managed by Certbot

        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

        location appserver {
            proxy_http_version 1.1;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
            proxy_redirect off;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
            proxy_set_header X-Forwarded-Proto https;
            proxy_pass http://appserver;
            access_log /var/log/nginx/access.log;
            error_log /var/log/nginx/error.log;
        }

    }

    server {

        if ($host = www.example.com) {
            return 301 https://$host$request_uri;
        } # managed by Certbot


        if ($host = example.com) {
            return 301 https://$host$request_uri;
        } # managed by Certbot


        listen        80 ;
        server_name www.example.com example.com localhost _;
        return 404; # managed by Certbot
    }
}

有沒有人遇到過這個問題,并且知道如何確保 nginx 將所有內容都作為 https 處理?

不確定這是否相關,但在生產配置中我有:

config.force_ssl = false

If I switch it to 'true', nothing loads at all. Not sure why, shouldn't that be 'true'?

uj5u.com熱心網友回復:

如果您打算使用 ssl,那么使用 certbot 是一個不錯的解決方案,但您不應再提供 http 請求,因此您需要設定偵聽埠 80 的服務器塊以重定向到 ssl 塊,即偵聽埠的塊443. 這看起來不像是設定為作為您的 rails 服務器的反向代理,應該有 puma 或 unicorn 或您正在運行的任何 rails 服務器宣告。所以這一切都沒有意義。

您在配置中設定了一些我不熟悉的選項,而且您似乎將 sites_available 選項與 nginx.conf 檔案混合在一起,這是可以的,但它不是一個正常的設定,也不是非常可配置的設定,但是,由于你有幾個我不熟悉的選項我不會評論你的選項,我只是建議你整理你的服務器塊,以便監聽埠 80 的塊重定向到埠 443堵塞。您將需要打開您的防火墻以允許埠 443。如果使用 ufw,那么您可以設定一個 nginx 應用程式,否則我會讓您弄清楚或在另一個問題中詢問如何在埠上為 SSL 設定您的特定防火墻443.

無論如何,除了上述之外,您還應該將埠 80 http 塊更改為如下所示

server {
  #no longer default server, all port 80, http requests, should be redirected to https port 443
    listen 80;
    server_name www.example.com example.com localhost _;
    # really should be your production server name i.e. an.ip.address a_proper_domain.com a_proper_domain.co.uk www.a_proper_domain.com www.a_proper_domain.co.uk #provide a list of domains you are listening for separated by spaces
    #redirect to the https server block straight away, you do not want to have a site serving mixed https and http content it is a massive potential security hole
    return 301 https://$host$1$request_uri;
}

所以你的配置看起來像這樣

#Elastic Beanstalk Nginx Configuration File

user                    nginx;
error_log               /var/log/nginx/error.log warn;
pid                     /var/run/nginx.pid;
worker_processes        auto;
worker_rlimit_nofile    65874;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    include       conf.d/*.conf;

    map $http_upgrade $connection_upgrade {
        default     "upgrade";
    }

server {
  #no longer default server, all port 80, http requests, should be redirected to https port 443
    listen 80;
    server_name www.example.com example.com localhost _;
    # really should be your production server name i.e. an.ip.address a_proper_domain.com a_proper_domain.co.uk www.a_proper_domain.com www.a_proper_domain.co.uk #provide a list of domains you are listening for separated by spaces
    return 301 https://$host$1$request_uri;
}

    server {
        access_log    /var/log/nginx/access.log main;

        client_header_timeout 60;
        client_body_timeout   60;
        keepalive_timeout     60;
        gzip                  off;
        gzip_comp_level       4;
        gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml rss text/javascript;

        # Include the Elastic Beanstalk generated locations
        include conf.d/elasticbeanstalk/*.conf;

    server_name www.example.com example.com localhost _; # managed by Certbot

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



}

    server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen        80 ;
    server_name www.example.com example.com localhost _;
    return 404; # managed by Certbot

}}

通常你的 capistrano 部署腳本會為你設定 nginx 配置,如果你使用 capistrano 3 gem 和 capistrano3 puma gem 如果你使用 puma 作為你的 rails 服務器,也有 capistrano nginx gems 但是如果在生產中使用 puma 那么我強烈建議對 nginx.config 檔案使用正確的配置,包括 sites_enabled 檔案夾,并在位于適當位置的單獨檔案中設定特定服務器要求,例如 /etc/nginx/sites_available 檔案夾并符號鏈接到 sites_available 檔案夾。這是大多數服務器管理員或開發運營人員希望設定看起來像的標準方法。

在你的 SSL 服務器塊中,你應該有你的 puma 服務器的設定,典型的設定是這樣的

  location @name_of_your_puma_socket {
    proxy_http_version 1.1;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
    proxy_redirect off;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "Upgrade";
    proxy_set_header X-Forwarded-Proto https; # this is your issue I think
    proxy_pass http://name_of_your_puma_socket;
    # limit_req zone=one;
    access_log #set the path to your nginx.access log
    error_log # set the path to your nginx.error.log;
  }

uj5u.com熱心網友回復:

@jamesc 的建議最終讓我找到了解決方案。Elastic Beanstalk 的 AL2 Nginx 組態檔包含具有以下塊的 webapp.conf 檔案:

location @proxy {
    proxy_pass http://my_app; # match the name of upstream directive which is defined above
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

這并沒有通過完整的標頭集,并導致無效的請求。我更新了我的 nginx.conf 檔案以提供基于此執行緒的更新位置塊:https : //github.com/rails/rails/issues/22965

location / {
    proxy_pass        http://my_app;
    proxy_set_header  Host $host;
    proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header  X-Forwarded-Proto $scheme;
    proxy_set_header  X-Forwarded-Ssl on;
    proxy_set_header  X-Forwarded-Port $server_port;
    proxy_set_header  X-Forwarded-Host $host;
}

轉載請註明出處,本文鏈接:https://www.uj5u.com/shujuku/371067.html

標籤:ruby-on-rails nginx amazon-elastic-beanstalk lets-encrypt

上一篇:Docker-compose與自動讓我們加密ssl

下一篇:“錯誤:MongoServerError:E11000重復鍵錯誤集合:myFirstDatabase.files索引:key_1dup鍵:{鍵:空}”

標籤雲
其他(157675) Python(38076) JavaScript(25376) Java(17977) C(15215) 區塊鏈(8255) C#(7972) AI(7469) 爪哇(7425) MySQL(7132) html(6777) 基礎類(6313) sql(6102) 熊猫(6058) PHP(5869) 数组(5741) R(5409) Linux(5327) 反应(5209) 腳本語言(PerlPython)(5129) 非技術區(4971) Android(4554) 数据框(4311) css(4259) 节点.js(4032) C語言(3288) json(3245) 列表(3129) 扑(3119) C++語言(3117) 安卓(2998) 打字稿(2995) VBA(2789) Java相關(2746) 疑難問題(2699) 细绳(2522) 單片機工控(2479) iOS(2429) ASP.NET(2402) MongoDB(2323) 麻木的(2285) 正则表达式(2254) 字典(2211) 循环(2198) 迅速(2185) 擅长(2169) 镖(2155) 功能(1967) .NET技术(1958) Web開發(1951) python-3.x(1918) HtmlCss(1915) 弹簧靴(1913) C++(1909) xml(1889) PostgreSQL(1872) .NETCore(1853) 谷歌表格(1846) Unity3D(1843) for循环(1842)

熱門瀏覽
  • GPU虛擬機創建時間深度優化

    **?桔妹導讀:**GPU虛擬機實體創建速度慢是公有云面臨的普遍問題,由于通常情況下創建虛擬機屬于低頻操作而未引起業界的重視,實際生產中還是存在對GPU實體創建時間有苛刻要求的業務場景。本文將介紹滴滴云在解決該問題時的思路、方法、并展示最終的優化成果。 從公有云服務商那里購買過虛擬主機的資深用戶,一 ......

    uj5u.com 2020-09-10 06:09:13 more
  • 可編程網卡芯片在滴滴云網路的應用實踐

    **?桔妹導讀:**隨著云規模不斷擴大以及業務層面對延遲、帶寬的要求越來越高,采用DPDK 加速網路報文處理的方式在橫向縱向擴展都出現了局限性。可編程芯片成為業界熱點。本文主要講述了可編程網卡芯片在滴滴云網路中的應用實踐,遇到的問題、帶來的收益以及開源社區貢獻。 #1. 資料中心面臨的問題 隨著滴滴 ......

    uj5u.com 2020-09-10 06:10:21 more
  • 滴滴資料通道服務演進之路

    **?桔妹導讀:**滴滴資料通道引擎承載著全公司的資料同步,為下游實時和離線場景提供了必不可少的源資料。隨著任務量的不斷增加,資料通道的整體架構也隨之發生改變。本文介紹了滴滴資料通道的發展歷程,遇到的問題以及今后的規劃。 #1. 背景 資料,對于任何一家互聯網公司來說都是非常重要的資產,公司的大資料 ......

    uj5u.com 2020-09-10 06:11:05 more
  • 滴滴AI Labs斬獲國際機器翻譯大賽中譯英方向世界第三

    **桔妹導讀:**深耕人工智能領域,致力于探索AI讓出行更美好的滴滴AI Labs再次斬獲國際大獎,這次獲獎的專案是什么呢?一起來看看詳細報道吧! 近日,由國際計算語言學協會ACL(The Association for Computational Linguistics)舉辦的世界最具影響力的機器 ......

    uj5u.com 2020-09-10 06:11:29 more
  • MPP (Massively Parallel Processing)大規模并行處理

    1、什么是mpp? MPP (Massively Parallel Processing),即大規模并行處理,在資料庫非共享集群中,每個節點都有獨立的磁盤存盤系統和記憶體系統,業務資料根據資料庫模型和應用特點劃分到各個節點上,每臺資料節點通過專用網路或者商業通用網路互相連接,彼此協同計算,作為整體提供 ......

    uj5u.com 2020-09-10 06:11:41 more
  • 滴滴資料倉庫指標體系建設實踐

    **桔妹導讀:**指標體系是什么?如何使用OSM模型和AARRR模型搭建指標體系?如何統一流程、規范化、工具化管理指標體系?本文會對建設的方法論結合滴滴資料指標體系建設實踐進行解答分析。 #1. 什么是指標體系 ##1.1 指標體系定義 指標體系是將零散單點的具有相互聯系的指標,系統化的組織起來,通 ......

    uj5u.com 2020-09-10 06:12:52 more
  • 單表千萬行資料庫 LIKE 搜索優化手記

    我們經常在資料庫中使用 LIKE 運算子來完成對資料的模糊搜索,LIKE 運算子用于在 WHERE 子句中搜索列中的指定模式。 如果需要查找客戶表中所有姓氏是“張”的資料,可以使用下面的 SQL 陳述句: SELECT * FROM Customer WHERE Name LIKE '張%' 如果需要 ......

    uj5u.com 2020-09-10 06:13:25 more
  • 滴滴Ceph分布式存盤系統優化之鎖優化

    **桔妹導讀:**Ceph是國際知名的開源分布式存盤系統,在工業界和學術界都有著重要的影響。Ceph的架構和演算法設計發表在國際系統領域頂級會議OSDI、SOSP、SC等上。Ceph社區得到Red Hat、SUSE、Intel等大公司的大力支持。Ceph是國際云計算領域應用最廣泛的開源分布式存盤系統, ......

    uj5u.com 2020-09-10 06:14:51 more
  • es~通過ElasticsearchTemplate進行聚合~嵌套聚合

    之前寫過《es~通過ElasticsearchTemplate進行聚合操作》的文章,這一次主要寫一個嵌套的聚合,例如先對sex集合,再對desc聚合,最后再對age求和,共三層嵌套。 Aggregations的部分特性類似于SQL語言中的group by,avg,sum等函式,Aggregation ......

    uj5u.com 2020-09-10 06:14:59 more
  • 爬蟲日志監控 -- Elastc Stack(ELK)部署

    傻瓜式部署,只需替換IP與用戶 導讀: 現ELK四大組件分別為:Elasticsearch(核心)、logstash(處理)、filebeat(采集)、kibana(可視化) 下載均在https://www.elastic.co/cn/downloads/下tar包,各組件版本最好一致,配合fdm會 ......

    uj5u.com 2020-09-10 06:15:05 more
最新发布
  • day02-2-商鋪查詢快取

    功能02-商鋪查詢快取 3.商鋪詳情快取查詢 3.1什么是快取? 快取就是資料交換的緩沖區(稱作Cache),是存盤資料的臨時地方,一般讀寫性能較高。 快取的作用: 降低后端負載 提高讀寫效率,降低回應時間 快取的成本: 資料一致性成本 代碼維護成本 運維成本 3.2需求說明 如下,當我們點擊商店詳 ......

    uj5u.com 2023-04-20 08:33:24 more
  • MySQL中binlog備份腳本分享

    關于MySQL的二進制日志(binlog),我們都知道二進制日志(binlog)非常重要,尤其當你需要point to point災難恢復的時侯,所以我們要對其進行備份。關于二進制日志(binlog)的備份,可以基于flush logs方式先切換binlog,然后拷貝&壓縮到到遠程服務器或本地服務器 ......

    uj5u.com 2023-04-20 08:28:06 more
  • day02-短信登錄

    功能實作02 2.功能01-短信登錄 2.1基于Session實作登錄 2.1.1思路分析 2.1.2代碼實作 2.1.2.1發送短信驗證碼 發送短信驗證碼: 發送驗證碼的介面為:http://127.0.0.1:8080/api/user/code?phone=xxxxx<手機號> 請求方式:PO ......

    uj5u.com 2023-04-20 08:27:27 more
  • 快取與資料庫雙寫一致性幾種策略分析

    本文將對幾種快取與資料庫保證資料一致性的使用方式進行分析。為保證高并發性能,以下分析場景不考慮執行的原子性及加鎖等強一致性要求的場景,僅追求最終一致性。 ......

    uj5u.com 2023-04-20 08:26:48 more
  • sql陳述句優化

    問題查找及措施 問題查找 需要找到具體的代碼,對其進行一對一優化,而非一直把關注點放在服務器和sql平臺 降低簡化每個事務中處理的問題,盡量不要讓一個事務拖太長的時間 例如檔案上傳時,應將檔案上傳這一步放在事務外面 微軟建議 4.啟動sql定時執行計劃 怎么啟動sqlserver代理服務-百度經驗 ......

    uj5u.com 2023-04-20 08:26:35 more
  • 云時代,MySQL到ClickHouse資料同步產品對比推薦

    ClickHouse 在執行分析查詢時的速度優勢很好的彌補了MySQL的不足,但是對于很多開發者和DBA來說,如何將MySQL穩定、高效、簡單的同步到 ClickHouse 卻很困難。本文對比了 NineData、MaterializeMySQL(ClickHouse自帶)、Bifrost 三款產品... ......

    uj5u.com 2023-04-20 08:26:29 more
  • sql陳述句優化

    問題查找及措施 問題查找 需要找到具體的代碼,對其進行一對一優化,而非一直把關注點放在服務器和sql平臺 降低簡化每個事務中處理的問題,盡量不要讓一個事務拖太長的時間 例如檔案上傳時,應將檔案上傳這一步放在事務外面 微軟建議 4.啟動sql定時執行計劃 怎么啟動sqlserver代理服務-百度經驗 ......

    uj5u.com 2023-04-20 08:25:13 more
  • Redis 報”OutOfDirectMemoryError“(堆外記憶體溢位)

    Redis 報錯“OutOfDirectMemoryError(堆外記憶體溢位) ”問題如下: 一、報錯資訊: 使用 Redis 的業務介面 ,產生 OutOfDirectMemoryError(堆外記憶體溢位),如圖: 格式化后的報錯資訊: { "timestamp": "2023-04-17 22: ......

    uj5u.com 2023-04-20 08:24:54 more
  • day02-2-商鋪查詢快取

    功能02-商鋪查詢快取 3.商鋪詳情快取查詢 3.1什么是快取? 快取就是資料交換的緩沖區(稱作Cache),是存盤資料的臨時地方,一般讀寫性能較高。 快取的作用: 降低后端負載 提高讀寫效率,降低回應時間 快取的成本: 資料一致性成本 代碼維護成本 運維成本 3.2需求說明 如下,當我們點擊商店詳 ......

    uj5u.com 2023-04-20 08:24:03 more
  • day02-短信登錄

    功能實作02 2.功能01-短信登錄 2.1基于Session實作登錄 2.1.1思路分析 2.1.2代碼實作 2.1.2.1發送短信驗證碼 發送短信驗證碼: 發送驗證碼的介面為:http://127.0.0.1:8080/api/user/code?phone=xxxxx<手機號> 請求方式:PO ......

    uj5u.com 2023-04-20 08:23:11 more

Copyright © 2010-2020 有解無憂