安装butterfly+nginx+https

安装butterfly+Nginx https

1. 安装butterfly

img

yum install python36 python36-pip python36-devel -y
pip install butterfly
pip install butterfly[themes]  # If you want to use themes
pip install butterfly[systemd]  # If you want to use systemd
butterfly

1.1 注册systemd服务

cd /etc/systemd/system
curl -O https://raw.githubusercontent.com/paradoxxxzero/butterfly/master/butterfly.service
curl -O https://raw.githubusercontent.com/paradoxxxzero/butterfly/master/butterfly.socket
systemctl enable butterfly.socket
systemctl start butterfly.socket

1.3 配置butterfly为非安全模式,我们使用Nginx来提供https服务

使用sshd授权登录方式.

vim /etc/systemd/system/butterfly.service

[Unit]
Description=Butterfly Terminal Server

[Service]
ExecStart=/usr/local/bin/butterfly.server.py --unsecure --login --pam_profile=sshd

1.4 重新启动服务即可

systemctl restart butterfly.socket

  1. Nginx配置文件
    1. 设置
server {
    listen       443 ssl;
    server_name  servername;
    ssl_certificate      /home/makeit/.keys/fullchain.pem;
    ssl_certificate_key  /home/makeit/.keys/keys.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
    
    auth_basic "input you passwd";
    auth_basic_user_file passwd.db; 
    location / {
    proxy_pass http://127.0.0.1:575575;
    proxy_read_timeout     300s;
    proxy_connect_timeout  300s;
    #后端证书文件,如果后端开启https
    #proxy_ssl_certificate /etc/butterfly/ssl/butterfly_ca.crt;
    #proxy_ssl_certificate_key /etc/butterfly/ssl/butterfly_ca.key;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-F $remote_addr;
    proxy_http_version 1.1; #代理websocket
    proxy_set_header Upgrade "websocket";
    proxy_set_header Connection "Upgrade";
    proxy_set_header Sec-Websocket-Version 13;#重要
    proxy_set_header Connection ""; #防止客户端close,后端也close了
    }

后端设置自签证书,连上后就close了. 没弄好,

改成后端使用非安全模式才可以的.

参考:

https://github.com/paradoxxxzero/butterfly

https://www.xncoding.com/2018/03/12/fullstack/nginx-websocket.html

https://ma.ttias.be/enable-keepalive-connections-in-nginx-upstream-proxy-configurations/

https://www.serverlab.ca/tutorials/linux/web-servers-linux/how-to-proxy-wss-websockets-with-nginx/

https://www.hi-linux.com/posts/42176.html

相关文章

Nginx (engine x) 是一个高性能的HTTP和反向代理服务,也是一...
本地项目配置 1 复制 luffy/settings/dev.py为prop.py 修改l...
nginx不仅可以隐藏版本信息,还支持自定义web服务器信息 先看...
一 、此次漏洞分析 1 nginx HTTP/2漏洞 [nginx-announce] ng...
###进入nginx 目录cd /usr/local/nginx###递归显示 2 级目录...
在cmd命令窗口输入下面命令进行查看 tasklist /fi "ima...