Nginx反代群晖DSM的两个问题解决办法

目录 文章

问题1:Nginx反代后群晖日志中所有记录的IP均为反代服务器的IP地址

问题2:Nginx反代后群晖无法正常退出,单击退出后丢失端口号

解决办法:

1.在反代配置文件中添加如下内容

proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

完整的配置文件如下:

server {
        listen       5001;
        server_name  www.orcy.net.cn;
 
        access_log  /var/log/nginx/access.log  main;
        error_log  /var/log/nginx/error.log;

        location / {
            proxy_pass http://192.168.20.20:5000;   #DSM

            proxy_set_header Host $host:$server_port;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        }

2.在群晖系统的控制面板->安全性->信任的代理服务器添加nginx的IP地址

确定->应用后即可解决本文的两个问题!

SSH配置key免密码登录

目录 文章

1.生成key

在本地主机输入以下命令

[root@localhost ~]# ssh-keygen

一直回车

Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:wmBu68n9DlND6yn18x0T4iEZSUVDI+AhizVB1tCCaho root@localhost.localdomain
The key's randomart image is:
+---[RSA 2048]----+
|     oO=o.o+*    |
|    .+.=oo o o   |
|   .+ ..o o      |
|E oo o . . o     |
| +  o o S o o .  |
|.  . . = + o o . |
|    . + o o . o  |
|   o o +   o . o |
|    + .oo   . .  |
+----[SHA256]-----+
[root@localhost ~]# 

查看生成的key文件

[root@localhost ~]# cd ~/.ssh
[root@localhost .ssh]# ll
total 8
-rw------- 1 root root 1679 Aug 10 09:46 id_rsa
-rw-r--r-- 1 root root  408 Aug 10 09:46 id_rsa.pub
[root@localhost .ssh]# 

2.拷贝公钥文件id_rsa.pub到远端主机的指定用户的home路径下(root用户的路径为/root)

[root@localhost .ssh]# scp id_rsa.pub root@192.168.15.129:/root
root@192.168.15.129's password: 
id_rsa.pub                      100%  408   379.2KB/s   00:00    

如上可以看到此时需要输入密码才能拷贝

3.通过SSH登录远端主机

[root@localhost .ssh]# ssh root@192.168.15.129
root@192.168.15.129's password: 
Last login: Tue Aug 10 09:45:47 2021 from 192.168.15.1
[root@yuancheng ~]# 

**此下的操作在远端主机进行**

此时还需要输入手动输入密码,查看指定用户home目录下有无.ssh文件夹,没有的话创建一个,复制2.中的id_rsa.pub的内容到authorized_keys文件

[root@yuancheng ~]# cd .ssh
[root@yuancheng .ssh]# cat ../id_rsa.pub | tee -a authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDINuohcfbWG8DMHY7mwnAIkp7jglJczOrk1ie5stdSF9GLroot@yuancheng
[root@yuancheng .ssh]# ll
total 12
-rw-r--r-- 1 root root  408 Aug 10 09:58 authorized_keys
[root@yuancheng .ssh]# 

4.设置authorized_keys文件的权限为600

[root@yuancheng .ssh]# chmod 600 authorized_keys 
[root@yuancheng .ssh]# ll
total 12
-rw------- 1 root root  408 Aug 10 09:58 authorized_keys
[root@yuancheng .ssh]# 

5.验证无输入密码登录

[root@localhost .ssh]# ssh root@192.168.15.129
Last login: Tue Aug 10 09:55:20 2021 from 192.168.15.128
[root@yuancheng ~]# 

此时已经不需要密码就可以直接ssh登录远端主机了

6.用其他用户登录

[root@localhost .ssh]# ssh orcy@192.168.15.129
orcy@192.168.15.129's password: 

用orcy用户登录时仍旧需要输入密码,如需orcy用户免输入密码,需要重复上述操作将公钥文件复制到orcy的home目录下。同一对key也可复制到多台远程主机实现ssh的免输入密码登录。

rsnyc报错error: remote command not found (code 127) at io.c(226) [sender=3.1.2]

目录 文章

使用rsync往不同的机器同步数据的时候,出现了如下错误

bash: rsync: command not found
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: remote command not found (code 127) at io.c(226) [sender=3.1.2]

造成此问题的原因是被同步的机器也要安装rsync,运行以下命令安装

yum  install rsync -y

目标机器安装完成后,回到源机器再次使用rsync尝试同步已经可以成功同步!

[root@centos cert]# rsync -av /usr/local/cert/ root@192.168.1.101:/home/cert
sending incremental file list
./
3188136_orcy.net.cn.key
3188136_orcy.net.cn.pem

sent 19,473 bytes  received 281 bytes  39,508.00 bytes/sec
total size is 25,994  speedup is 1.32