Openvas9的Nginx代理
问题描述:
我已经安装了openvas9并且已经从cert store安装了证书。我曾尝试使用nginx作为反向代理。我的openvas设置是/etc/default/openvas-gsa,看起来像这样;Openvas9的Nginx代理
# Defaults for Greenbone Security Assistant initscript
# sourced by /etc/init.d/openvas-gsa
# installed at /etc/default/openvas-gsa by the maintainer scripts
# To disable HTTPS:
#
#HTTP_ONLY=1
# To enable http redirection:
#
HTTP_REDIRECT=1
# To set listening address:
#
#LISTEN_ADDRESS="0.0.0.0"
# To set listening port number:
#
PORT_NUMBER=4000
在/etc/nginx/sites-enabled/openvas我的nginx的配置看起来像这样(用改变明显的服务器名称);
server {
listen 443 ssl;
server_name vas.server.com;
location/{
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE_HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-FORWARDED-PROTOCOL $scheme;
proxy_pass http://localhost:4000;
}
}
我得到的只是一个502 Bad Gateway。我哪里错了?
答
server {
listen 80;
server_name vas.novarumcloud.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name vas.novarumcloud.com;
location/{
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE_HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-FORWARDED-PROTOCOL $scheme;
proxy_pass https://localhost:4000;
}
}
但是,你也需要去/etc/default/openvas-gsa ,并有如下设置;
# Defaults for Greenbone Security Assistant initscript
# sourced by /etc/init.d/openvas-gsa
# installed at /etc/default/openvas-gsa by the maintainer scripts
# To disable HTTPS:
#
#HTTP_ONLY=1
# To enable http redirection:
#
HTTP_REDIRECT=1
# To set listening address:
#
#LISTEN_ADDRESS="0.0.0.0"
# To set listening port number:
#
PORT_NUMBER=4000