This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
сервис_http [2022/07/29 05:45] val [NGINX] |
сервис_http [2022/10/06 09:01] val [Управление доступом к HTTP серверу с использованием OAuth2 аутентификации] |
||
---|---|---|---|
Line 813: | Line 813: | ||
[[http://grolmsnet.de/kerbtut/firefox.html]] | [[http://grolmsnet.de/kerbtut/firefox.html]] | ||
+ | |||
+ | ==== Управление доступом к HTTP серверу с использованием OAuth2 аутентификации ==== | ||
+ | |||
+ | * [[https://github.com/zmartzone/mod_auth_openidc/wiki/GitLab-OAuth2]] | ||
+ | |||
+ | <code> | ||
+ | gate# apt install libapache2-mod-auth-openidc | ||
+ | |||
+ | gate# cat /etc/apache2/sites-available/000-default.conf | ||
+ | ... | ||
+ | OIDCSSLValidateServer Off | ||
+ | OIDCProviderMetadataURL https://server.corp13.un/.well-known/openid-configuration | ||
+ | OIDCRedirectURI http://gate.corp13.un/cgi-bin/test-cgi | ||
+ | OIDCClientID e...............................................4 | ||
+ | OIDCClientSecret 7.................................................4 | ||
+ | OIDCCryptoPassphrase anystring | ||
+ | ... | ||
+ | </code> | ||
===== Протокол WebDAV ===== | ===== Протокол WebDAV ===== | ||
Line 851: | Line 869: | ||
<code> | <code> | ||
gate# apt install nginx | gate# apt install nginx | ||
+ | </code> | ||
+ | ==== Прокси "красивого" URL в приложение (пример 1) ==== | ||
+ | <code> | ||
gate# cat /etc/nginx/sites-available/user1 | gate# cat /etc/nginx/sites-available/user1 | ||
</code><code> | </code><code> | ||
Line 866: | Line 886: | ||
# service nginx configtest | # service nginx configtest | ||
- | но, где ошибка, лучше видно так: | + | # tail /var/log/nginx/error.log |
+ | или | ||
# nginx -t -c /etc/nginx/nginx.conf | # nginx -t -c /etc/nginx/nginx.conf | ||
- | |||
- | # tail /var/log/nginx/error.log | ||
# service nginx restart | # service nginx restart | ||
</code><code> | </code><code> | ||
gate.isp.un$ wget -O - -q http://server.corpX.un | gate.isp.un$ wget -O - -q http://server.corpX.un | ||
- | </code><code> | + | </code> |
+ | |||
+ | ==== Прокси с балансировкой (пример 2) ==== | ||
+ | |||
+ | <code> | ||
# cat /etc/nginx/sites-available/myapp1 | # cat /etc/nginx/sites-available/myapp1 | ||
</code><code> | </code><code> | ||
Line 892: | Line 915: | ||
</code><code> | </code><code> | ||
# ln -s /etc/nginx/sites-available/myapp1 /etc/nginx/sites-enabled/myapp1 | # ln -s /etc/nginx/sites-available/myapp1 /etc/nginx/sites-enabled/myapp1 | ||
+ | </code> | ||
+ | |||
+ | ==== Прокси "красивого" URL в приложение (пример 3) ==== | ||
+ | |||
+ | <code> | ||
+ | # host mail | ||
+ | mail.corpX.un is an alias for server.corpX.un. | ||
+ | server.corpX.un has address 192.168.X.10 | ||
+ | |||
+ | # host webd | ||
+ | webd.corpX.un has address 192.168.X.10 | ||
+ | |||
+ | root@server# cat /var/opt/gitlab/nginx/conf/my.conf | ||
+ | </code><code> | ||
+ | server { | ||
+ | listen 80; | ||
+ | server_name webd.corpX.un; | ||
+ | |||
+ | location / { | ||
+ | proxy_pass http://192.168.49.2:30111/; | ||
+ | } | ||
+ | } | ||
+ | server { | ||
+ | listen 80; | ||
+ | server_name mail.corpX.un; | ||
+ | |||
+ | location / { | ||
+ | proxy_pass http://server.corpX.un:81/mail/; | ||
+ | } | ||
+ | } | ||
+ | </code><code> | ||
+ | root@server# cat /var/opt/gitlab/nginx/conf/nginx.conf | ||
+ | </code><code> | ||
+ | ... | ||
+ | include /var/opt/gitlab/nginx/conf/my.conf; | ||
+ | } | ||
+ | </code><code> | ||
+ | root@server# /opt/gitlab/embedded/sbin/nginx -p /var/opt/gitlab/nginx -t | ||
+ | </code><code> | ||
+ | root@server# gitlab-ctl restart nginx | ||
</code> | </code> |