ubuntuusers.de

Shellinabox behind an Nginx reverse proxy

Status: Solved | Ubuntu version: Server 16.04 (Xenial Xerus)

Hans345

Joined:
16 October 2015

Hello,

I don't know whether I picked the right forum? Feel free to correct this if necessary.

I would like to install "Shellinabox" alongside a working Nextcloud installation. For the Nextcloud installation I followed

https://decatec.de/home-server/owncloud-9-auf-ubuntu-server-16-04-lts-mit-nginx-mariadb-php-7-und-lets-encrypt/. This also includes an Nginx reverse proxy.

For the Shellinabox installation I gathered information from various sites:

My host for Shellinabox (owncloud9tutorial.goip.de_shellinabox.conf) looks like this:

server {
server_name 127.0.0.1;
listen 127.0.0.1:83;

location ~/shellinabox/ {
rewrite ^/shellinabox/(.*) /$1 break;
proxy_pass http://127.0.0.1:4200;
proxy_read_timeout 90;

}
}

I extended the gateway host (owncloud9tutorial.goip.de.conf) as follows:

location /terminal/ {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:83/;
}

Running netstat -nap | grep shellinabox gives

tcp 0 0 0.0.0.0:4200 0.0.0.0:* LISTEN 15927/shellinaboxd
unix 3 [ ] STREAM VERBUNDEN 33081 15927/shellinaboxd
unix 3 [ ] STREAM VERBUNDEN 29559 15928/shellinaboxd
unix 3 [ ] STREAM VERBUNDEN 29558 15927/shellinaboxd

What strikes me there is that no IP address is shown. There really should be one.

Opening http://owncloud9tutorial.goip.de/terminal/ brings up a 404 page.

Does anyone have an idea?

Regards, Hans

lubux

Joined:
21 November 2012

Posts: 14314

Hans345 wrote:

What strikes me there is that no IP address is shown. There really should be one.

What is the output of:

lsof -nPi | grep -i shellinabox

?

misterunknown

Former member

Joined:
28 October 2009

Posts: 4403

Location: Saxony

Hans345 wrote:

My host for Shellinabox (owncloud9tutorial.goip.de_shellinabox.conf) looks like this:

server {
server_name 127.0.0.1;
listen 127.0.0.1:83;

location ~/shellinabox/ {
rewrite ^/shellinabox/(.*) /$1 break;
proxy_pass http://127.0.0.1:4200;
proxy_read_timeout 90;

}
}

You don't need to rewrite anything there. IMHO the section for Shellinabox would look like this:

location ~ ^/shellinabox {
    proxy_pass http://127.0.0.1:4200;
    proxy_read_timeout 90;
}

(untested)

What strikes me there is that no IP address is shown. There really should be one.

0.0.0.0 means that it listens on all configured IPs.

Hans345

(Thread starter)

Joined:
16 October 2015

Posts: 20

What is the output of:

lsof -nPi | grep -i shellinabox

?

gives

shellinab 1423 shellinabox    4u  IPv4  19072      0t0  TCP *:4200 (LISTEN)

Hans345

(Thread starter)

Joined:
16 October 2015

Posts: 20

You don't need to rewrite anything there. IMHO the section for Shellinabox would look like this:

location ~ ^/shellinabox {
    proxy_pass http://127.0.0.1:4200;
    proxy_read_timeout 90;
}

(untested)

unfortunately that doesn't work either

misterunknown

Former member

Joined:
28 October 2009

Posts: 4403

Location: Saxony

Hans345 wrote:

unfortunately that doesn't work either

Meaning? Still a 404? What does

curl -i http://example.org/shellinabox

say? Of course you have to replace example.org with your domain.

Hans345

(Thread starter)

Joined:
16 October 2015

Posts: 20

misterunknown wrote:

Hans345 wrote:

unfortunately that doesn't work either

Meaning? Still a 404?

Yes, exactly.

What does

curl -i http://example.org/shellinabox

say? Of course you have to replace example.org with your domain.

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2017 17:02:35 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://192.168.178.33/shellinabox

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

and

curl -i http://example.org/terminal

also gives

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2017 17:02:35 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://192.168.178.33/shellinabox

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Hans345

(Thread starter)

Joined:
16 October 2015

Posts: 20

The nginx error log looks like this

2017/02/02 19:26:49 [warn] 5198#5198: no resolver defined to resolve ocsp.int-x3.letsencrypt.org while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, certificate: "/etc/letsencrypt/live/owncloud9tutorial.goip$
2017/02/02 19:26:49 [error] 5198#5198: *4 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: "GET // HTTP/1.0", host: "owncloud9tutorial.goip.de"
2017/02/02 19:26:51 [error] 5198#5198: *6 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: "GET // HTTP/1.0", host: "owncloud9tutorial.goip.de"
2017/02/02 19:26:54 [error] 5198#5198: *1 open() "/etc/nginx/html/shellinabox" failed (2: No such file or directory), client: 80.171.80.68, server: owncloud9tutorial.goip.de, request: "GET /shellinabox HTTP/2.0", host: "owncloud9tutorial.go$
2017/02/02 19:28:05 [warn] 1453#1453: no resolver defined to resolve ocsp.int-x3.letsencrypt.org while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, certificate: "/etc/letsencrypt/live/owncloud9tutorial.goip$
2017/02/02 19:28:05 [error] 1453#1453: *4 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: "GET // HTTP/1.0", host: "owncloud9tutorial.goip.de"
2017/02/02 19:28:07 [error] 1453#1453: *1 open() "/etc/nginx/html/shellinabox" failed (2: No such file or directory), client: 80.171.80.68, server: owncloud9tutorial.goip.de, request: "GET /shellinabox HTTP/2.0", host: "owncloud9tutorial.go$
2017/02/02 19:31:18 [error] 1453#1453: *22 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: "GET // HTTP/1.0", host: "owncloud9tutorial.goip.de"
2017/02/02 19:31:30 [error] 1453#1453: *24 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: "GET // HTTP/1.0", host: "owncloud9tutorial.goip.de"
2017/02/02 20:28:14 [warn] 1453#1453: no resolver defined to resolve ocsp.int-x3.letsencrypt.org while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, certificate: "/etc/letsencrypt/live/owncloud9tutorial.goip$
2017/02/02 21:06:46 [error] 1453#1453: *59 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: "GET // HTTP/1.0", host: "owncloud9tutorial.goip.de"
2017/02/02 21:40:15 [warn] 1453#1453: no resolver defined to resolve ocsp.int-x3.letsencrypt.org while requesting certificate status, responder: ocsp.int-x3.letsencrypt.org, certificate: "/etc/letsencrypt/live/owncloud9tutorial.goip$
2017/02/02 21:42:20 [error] 1453#1453: *74 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: "GET // HTTP/1.0", host: "owncloud9tutorial.goip.de"
2017/02/02 21:42:21 [error] 1453#1453: *76 "/etc/nginx/html/index.html" is not found (2: No such file or directory), client: 127.0.0.1, server: 127.0.0.1, request: "GET // HTTP/1.0", host: "owncloud9tutorial.goip.de"

misterunknown

Former member

Joined:
28 October 2009

Posts: 4403

Location: Saxony

Hans345 wrote:

HTTP/1.1 301 Moved Permanently
Location: https://192.168.178.33/shellinabox

Where does this redirect come from? Did you configure it somewhere? Show the configuration of all vhosts in nginx.

I have just installed shellinabox and an nginx here. It works with the following configuration:

location /shell {
    proxy_pass http://127.0.0.1:4200/;
}

Hans345

(Thread starter)

Joined:
16 October 2015

Posts: 20

misterunknown wrote:

Hans345 wrote:

HTTP/1.1 301 Moved Permanently
Location: https://192.168.178.33/shellinabox

Where does this redirect come from? Did you configure it somewhere? Show the configuration of all vhosts in nginx.

Here is the gateway host

server {
        listen 80 default_server;
        server_name owncloud9tutorial.goip.de 192.168.178.33;

        root /var/www;

        location ^~ /.well-known/acme-challenge {
                proxy_pass http://127.0.0.1:81;
                proxy_redirect off;
        }

        location / {
                # Enforce HTTPS
                return 301 https://$server_addr$request_uri;

                # Use this if you always want to redirect to the DynDNS address (no local access).
                #return 301 https://$server_name$request_uri;
        }
}

server {
        listen 443 ssl http2;
        server_name owncloud9tutorial.goip.de 192.168.178.33;

        #
        # Configure SSL
        #
        ssl on;

        # Certificates used
        ssl_certificate /etc/letsencrypt/live/owncloud9tutorial.goip.de/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/owncloud9tutorial.goip.de/privkey.pem;

        # Not using TLSv1 will break:
        #       Android <= 4.4.40
        #       IE <= 10
        #       IE mobile <=10
        # Removing TLSv1.1 breaks nothing else!
        ssl_protocols TLSv1.2;

        # 100 % Security
        # Low Compatibility
        # No Android 2
        # No Java
        # No IE < 11 (XP)
        # No Firefox
        # Robust Forward Secrecy
        #ssl_ciphers 'AES256+EECDH:AES256+EDH:!aNULL';

        # These are the recommended cipher suites from: https://wiki.mozilla.org/Security/Server_Side_TLS
        ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256$

        # Nginx for Modern Browsers (uncomment this when the other ssl_ciphers won't work for you)
        # Grade A (A+ with HSTS at >= 6 Months)
        # 90 % Security
        # Medium Compatibility
        # No Java 6 (No DH parameters > 1024 bits)
        # No IE on XP
        # Robust Forward Secrecy
        #ssl_ciphers 'AES256+EECDH:AES256+EDH:!aNULL';

        # These are the recommended cipher suites from: https://wiki.mozilla.org/Security/Server_Side_TLS
        ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256$

        # Nginx for Modern Browsers (uncomment this when the other ssl_ciphers won't work for you)
        # Grade A (A+ with HSTS at >= 6 Months)
        # 90 % Security
        # Medium Compatibility
        # No Java 6 (No DH parameters > 1024 bits)
        # No IE on XP
        # Robust Forward Secrecy
        #ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA25$

        # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
        ssl_dhparam /etc/nginx/ssl/dhparams.pem;

        # Specifies a curve for ECDHE ciphers.
        # Remarks: This won't work on Chrome 53 (ERR_SSL_OBSOLETE_CIPHER)
        #ssl_ecdh_curve secp521r1;

        # Slightly lower security, but will work on
        # - Chrome 53
        # - Windows phones before 8.1 Update 1
        ssl_ecdh_curve secp384r1;

        # Server should determine the ciphers, not the client
        ssl_prefer_server_ciphers on;

        # OCSP Stapling
        # fetch OCSP records from URL in ssl_certificate and cache them
        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_trusted_certificate /etc/letsencrypt/live/owncloud9tutorial.goip.de/fullchain.pem;

        # SSL session handling
        ssl_session_timeout 24h;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;

        #
        # Add headers to serve security related headers

        # HSTS (ngx_http_headers_module is required)
        # In order to be recognized by SSL test, there must be an index.html in the server's root
        add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
        add_header X-Content-Type-Options nosniff;
        # Usually this should be "DENY", but when hosting sites using frames, it has to be "SAMEORIGIN"
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;

        location = / {
                # Disable access to the web root, otherwise nginx will show the default site here.
                deny all;
         }

        location ^~ /nextcloud {
                # Set max. size of a request (important for uploads to ownCloud)
                client_max_body_size 1G;
                # Besides the timeout values have to be raised in nginx' nextcloud config, these values have to be raised for the proxy as well
                proxy_connect_timeout 300;
                proxy_send_timeout 300;
                proxy_read_timeout 300;
                send_timeout 300;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_pass http://127.0.0.1:82;
                proxy_redirect off;
         }

#        location ^~ /wetty {
#                proxy_pass http://127.0.0.1:83;
#                proxy_http_version 1.1;
#                proxy_set_header Upgrade $http_upgrade;
#                proxy_set_header Connection "upgrade";
#                proxy_read_timeout 43200000;
#                proxy_set_header X-Real-IP $remote_addr;
#                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#                proxy_set_header Host $http_host;
#                proxy_set_header X-NginX-Proxy true;
#       }

         location ^~ /shellinabox/ {
                 proxy_set_header Host $http_host;
                 proxy_set_header X-Forwarded-Host $http_host;
                 proxy_set_header X-Real-IP $remote_addr;
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                 proxy_pass http://127.0.0.1:83/;
        }

}

Let's encrypt vHost

server {
        listen 127.0.0.1:81;
        server_name 127.0.0.1;

        location ^~ /.well-known/acme-challenge {
                default_type text/plain;
                root /var/www/letsencrypt;
        }
}

Nextcloud vHost

upstream php-handler {
    server unix:/run/php/php7.0-fpm.sock;
}

server {
    listen 127.0.0.1:82;
    server_name 127.0.0.1;

    # Add headers to serve security related headers
    # Use 'proxy_set_header' (not 'add_header') as the headers have to be passed through a proxy.
    proxy_set_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
    proxy_set_header X-Content-Type-Options nosniff;
    proxy_set_header X-Frame-Options "SAMEORIGIN";
    proxy_set_header X-XSS-Protection "1; mode=block";
    proxy_set_header X-Robots-Tag none;
    proxy_set_header X-Download-Options noopen;
    proxy_set_header X-Permitted-Cross-Domain-Policies none;

    # Path to the root of your installation
    root /var/www/;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # The following 2 rules are only needed for the user_webfinger app.
    # Uncomment it if you're planning to use this app.
    #rewrite ^/.well-known/host-meta /nextcloud/public.php?service=host-meta last;
    #rewrite ^/.well-known/host-meta.json /nextcloud/public.php?service=host-meta-json last;

    location = /.well-known/carddav { return 301 $scheme://$host/nextcloud/remote.php/dav; }
    location = /.well-known/caldav { return 301 $scheme://$host/nextcloud/remote.php/dav; }

    location /.well-known/acme-challenge { }

    location ^~ /nextcloud {

        # set max upload size
        client_max_body_size 1G;
        fastcgi_buffers 64 4K;

        # Disable gzip to avoid the removal of the ETag header
        gzip off;

        # Uncomment if your server is build with the ngx_pagespeed module
        # This module is currently not supported.
        #pagespeed off;

        error_page 403 /nextcloud/core/templates/403.php;
        error_page 404 /nextcloud/core/templates/404.php;

        location /nextcloud {
            rewrite ^ /nextcloud/index.php$uri;
        }

        location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)/ {
        }

        location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) {
            deny all;
        }

        location ~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
            include fastcgi_params;
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;

            # Important: disable HTTPS, otherwise no log in will be possible!
            #fastcgi_param HTTPS on;

            fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
            fastcgi_param front_controller_active true;
            fastcgi_pass php-handler;
            fastcgi_intercept_errors on;

            # Raise timeout values.
            # This is especially important when the nextcloud setup runs into timeouts (504 gateway errors)
            fastcgi_read_timeout 300;
            fastcgi_send_timeout 300;
            fastcgi_connect_timeout 300;

            # Pass PHP variables directly to PHP.
            # This is usually done in the php.ini. For more flexibility, these variables are configured in the nginx config.
            # All the PHP parameters have to be set in one fastcgi_param. When using more 'fastcgi_param PHP_VALUE' directives, the last one will override all the others.
            fastcgi_param PHP_VALUE "upload_max_filesize = 1G
                post_max_size = 1G
                max_execution_time = 3600";

            # Make sure that the real IP of the remote host is passed to PHP.
            fastcgi_param REMOTE_ADDR $http_x_real_ip;
        }

        location ~ ^/nextcloud/(?:updater|ocs-provider)(?:$|/) {
            try_files $uri/ =404;
            index index.php;
        }

        # Adding the cache control header for js and css files
        # Make sure it is BELOW the PHP block
        location ~* \.(?:css|js)$ {
            try_files $uri /nextcloud/index.php$uri$is_args$args;
            proxy_set_header Cache-Control "public, max-age=7200";
            # Add headers to serve security related headers
            # Again use 'proxy_set_header' (not 'add_header') as the headers have to be passed through a proxy.
            proxy_set_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
            proxy_set_header X-Content-Type-Options nosniff;
            proxy_set_header X-Frame-Options "SAMEORIGIN";
            proxy_set_header X-XSS-Protection "1; mode=block";
            proxy_set_header X-Robots-Tag none;
            proxy_set_header X-Download-Options noopen;
            proxy_set_header X-Permitted-Cross-Domain-Policies none;
            # Optional: Don't log access to assets
            access_log off;
        }

        location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
            try_files $uri /nextcloud/index.php$uri$is_args$args;
            # Optional: Don't log access to other assets
            access_log off;
        }
    }
}

Shellinabox vHost

server {
    server_name 127.0.0.1;
    listen 127.0.0.1:83;

    location ^~ /shellinabox {
#   rewrite ^/shellinabox/(.*) /$1 break;
    proxy_pass http://127.0.0.1:4200;
    proxy_read_timeout 90;
    }
}

default.conf_disabled

server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

After replacing /terminal/ with /shellinabox/ in the gateway host, I get a 502 page.

root@lin-core:~# curl -i http://owncloud9tutorial.goip.de/shellinabox
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2017 20:22:35 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://192.168.178.33/shellinabox

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

Hans345

(Thread starter)

Joined:
16 October 2015

Posts: 20

I won't be at the computer until Wednesday, so unfortunately I can't try things out. But I'd be glad of suggestions and help.

misterunknown

Former member

Joined:
28 October 2009

Posts: 4403

Location: Saxony

The vhost owncloud9tutorial.goip.de that you are addressing has absolutely nothing to do with the vhost configured for shellinabox. It does exactly what you tell it to: it redirects everything to https. The IP in the redirect comes from the fact that you entered it as the last server_name. Apparently nothing is listening on port 443 (HTTPS) (at least you haven't shown anything), so that won't work either.

Hans345

(Thread starter)

Joined:
16 October 2015

Posts: 20

According to the tutorial https://decatec.de/home-server/owncloud-9-auf-ubuntu-server-16-04-lts-mit-nginx-mariadb-php-7-und-lets-encrypt/ the gateway host handles the encryption, so the forwarding to the virtual host for Shellinabox can run unencrypted.

The gateway host has to be extended as follows.

        location ^~ /shellinabox {		
	         proxy_pass http://127.0.0.1:84;
	         proxy_read_timeout 90;
         }

The virtual host for Shellinabox has the following content.

server {
	listen 84;
	server_name 127.0.0.1;	
	
	location /shellinabox/ {
		rewrite ^/shellinabox/(.*) /$1 break;
		proxy_pass http://127.0.0.1:4200;
		proxy_read_timeout 90;
	}
}

In addition, the shellinabox configuration /etc/default/shellinabox has to be changed. The last parameter in particular is important (see above).

SHELLINABOX_ARGS="--no-beep --localhost-only --disable-ssl"

After the changes, also run

service nginx restart

service shellinabox restart

to make the change take effect.
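
Added example, not part of the thread or of any poster's configuration: with TLS terminated at the gateway host, the two plain-HTTP hops behind it (shellinaboxd on 4200 and the nginx vhost on 84) should only be reachable via loopback. A bare `listen 84;` makes nginx accept connections on all addresses, just as shellinaboxd did on 0.0.0.0:4200 before `--localhost-only`. The function name `exposed_listeners`, the sample lines and the `listen 127.0.0.1:84;` variant are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Reads `netstat -tlnp`-style lines on
# stdin and prints "port address" for every LISTEN socket on one of the given
# ports that is bound to something other than loopback.
exposed_listeners() {
    awk -v ports="$*" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            port = $4; sub(/^.*:/, "", port)      # text after the last colon
            host = $4; sub(/:[^:]*$/, "", host)   # text before the last colon
            if (!(port in want)) next
            if (host ~ /^127\./ || host == "::1") next   # loopback only: fine
            print port, host
        }'
}

# Constructed sample: shellinaboxd as first shown in the thread (0.0.0.0:4200)
# and an nginx vhost declared with a bare "listen 84;".
sample_before() {
    cat <<'EOF'
tcp        0      0 0.0.0.0:4200            0.0.0.0:*               LISTEN      15927/shellinaboxd
tcp        0      0 0.0.0.0:84              0.0.0.0:*               LISTEN      1453/nginx
tcp        0      0 127.0.0.1:82            0.0.0.0:*               LISTEN      1453/nginx
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1453/nginx
EOF
}

# Constructed sample: shellinaboxd started with --localhost-only and the vhost
# changed to "listen 127.0.0.1:84;" (that listen line is an assumption).
sample_after() {
    cat <<'EOF'
tcp        0      0 127.0.0.1:4200          0.0.0.0:*               LISTEN      15927/shellinaboxd
tcp        0      0 127.0.0.1:84            0.0.0.0:*               LISTEN      1453/nginx
tcp        0      0 127.0.0.1:82            0.0.0.0:*               LISTEN      1453/nginx
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1453/nginx
EOF
}

echo "before:"; sample_before | exposed_listeners 4200 84
echo "after:";  sample_after  | exposed_listeners 4200 84
```

On a live host, pipe `netstat -tln` into `exposed_listeners 4200 84` instead of the samples; empty output means both backends are loopback-only.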

raketenwilli

Joined:
13 July 2023

@Hans365: I had this problem today (with Debian GNU/Linux 12 (bookworm), by the way) and I say:

"Thanks! Exactly that (post from 10 February 2017 11:22) works."
