安装butterfly+Nginx https

1. 安装butterfly

yum install python36 python36-pip python36-devel -y
pip install butterfly
pip install butterfly[themes]  # If you want to use themes
pip install butterfly[systemd]  # If you want to use systemd
butterfly

1.1 注册systemd服务

cd /etc/systemd/system
curl -O https://raw.githubusercontent.com/paradoxxxzero/butterfly/master/butterfly.service
curl -O https://raw.githubusercontent.com/paradoxxxzero/butterfly/master/butterfly.socket
systemctl enable butterfly.socket
systemctl start butterfly.socket

1.3 配置butterfly为非安全模式,我们使用Nginx来提供https服务

使用sshd授权登录方式.

vim /etc/systemd/system/butterfly.service

[Unit]
Description=Butterfly Terminal Server

[Service]
ExecStart=/usr/local/bin/butterfly.server.py --unsecure --login --pam_profile=sshd

1.4 重新启动服务即可

systemctl restart butterfly.socket

1. Nginx的配置文件
   1. 设置

server {
    listen       443 ssl;
    server_name  servername;
    ssl_certificate      /home/makeit/.keys/fullchain.pem;
    ssl_certificate_key  /home/makeit/.keys/keys.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
    
    auth_basic "input you passwd";
    auth_basic_user_file passwd.db; 
    location / {
    proxy_pass http://127.0.0.1:575575;
    proxy_read_timeout     300s;
    proxy_connect_timeout  300s;
    #后端证书文件,如果后端开启https
    #proxy_ssl_certificate /etc/butterfly/ssl/butterfly_ca.crt;
    #proxy_ssl_certificate_key /etc/butterfly/ssl/butterfly_ca.key;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-F $remote_addr;
    proxy_http_version 1.1; #代理websocket
    proxy_set_header Upgrade "websocket";
    proxy_set_header Connection "Upgrade";
    proxy_set_header Sec-Websocket-Version 13;#重要
    proxy_set_header Connection ""; #防止客户端close,后端也close了
    }

后端设置自签证书,连上后就close了. 没弄好,

改成后端使用非安全模式才可以的.

参考:

https://github.com/paradoxxxzero/butterfly

https://www.xncoding.com/2018/03/12/fullstack/nginx-websocket.html

https://ma.ttias.be/enable-keepalive-connections-in-nginx-upstream-proxy-configurations/

https://www.serverlab.ca/tutorials/linux/web-servers-linux/how-to-proxy-wss-websockets-with-nginx/

https://www.hi-linux.com/posts/42176.html

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 dio@foxmail.com 举报，一经查实，本站将立刻删除。