问题1:使用cloudflare的dns回源服务器的时候,出现了http和https不断反复重定向
问题2: flask只能启用http服务,需要启用https
- 使用lnmp vhost add 添加域名,配置ssl证书
- pip install gunicorn
- 新建文件 gunicorn_start.sh(解决问题2),运行sh gunicorn_start.sh
#!/bin/bash
# 定义Flask应用程序的名称和入口文件名
APP_NAME=app
APP_ENTRYPOINT=app:app
# 定义SSL证书和私钥文件的路径
CERT_FILE=/path/to/cert.pem
KEY_FILE=/path/to/key.pem
# 启动Gunicorn
gunicorn $APP_ENTRYPOINT \
--bind 0.0.0.0:443 \
--certfile $CERT_FILE \
--keyfile $KEY_FILE \
--workers 4 \
--worker-class gthread \
--threads 2 \
--timeout 120 \
--log-level=info \
--access-logfile=- \
--error-logfile=-- nginx 配置
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name your-site ;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/your-site;
ssl_certificate /usr/local/nginx/conf/ssl/your-site/fullchain.cer;
ssl_certificate_key /usr/local/nginx/conf/ssl/your-site/your-site.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
location / {
proxy_pass https://127.0.0.1:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
access_log /home/wwwlogs/your-site.log;
}- cloudflare找到对应的域名,点击左侧的 “SSL/TLS”。 将“Your SSL/TLS encryption mode ” 配置成FULL或者FULL(Strict) (否则不支持https,解决问题1)