初衷:由於RStudio server社區版不支持直接配置SSL的功能,所以需要通過別的方式實現。
方法:通過nginx的方式達到配置SSL。
安裝certbot
使用certbot生成證書。
參考⽹址:https://docs.aws.amazon.com/zh_cn/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html#letsencrypt
sudo yum install -y certbot
創建證書
sudo certbot certonly --standalone -d you-DNS --
email [email protected] --agree-tos --no-eff-email
使⽤nginx配置https
參考⽹址:https://stackoverflow.com/questions/53102584/how-can-i-set-up-an-rstudio-server-to-run-with-ssl-on-aws
sudo yum install nginx
創建/etc/nginx/conf.d/rstudio.conf⽂件並加⼊以下內容:
server {
listen 80;
listen [::]:80;
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
server_name you-DNS;
location / {
proxy_pass http://localhost:8787/;
proxy_redirect http://localhost:8787/ $scheme://$host/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 20d;
}
}
把server_name後⾯的DNS換成⾃⼰的DNS
在/etc/nginx/nginx.conf⽂件的http模塊添加以下內容:
http {
# All you other settings up here...
server_names_hash_bucket_size 128;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
}
編輯/etc/rstudio/rserver.conf⽂件,添加如下配置:
www-address=127.0.0.1
重啟服務
sudo rstudio-server restart
sudo systemctl restart nginx
訪問
http://you-DNS 對應80端⼝
https://you-DNS 對於443端⼝
注意開放這兩個端⼝
