在AWS的RStudio server中設置SSL

初衷:由於RStudio server社區版不支持直接配置SSL的功能,所以需要通過別的方式實現。

方法:通過nginx的方式達到配置SSL。

安裝certbot

使用certbot生成證書。

參考⽹址:https://docs.aws.amazon.com/zh_cn/AWSEC2/latest/UserGuide/SSL-on-amazon-linux-2.html#letsencrypt

sudo yum install -y certbot

創建證書

sudo certbot certonly --standalone -d you-DNS --

email [email protected] --agree-tos --no-eff-email

使⽤nginx配置https

參考⽹址:https://stackoverflow.com/questions/53102584/how-can-i-set-up-an-rstudio-server-to-run-with-ssl-on-aws

sudo yum install nginx

創建/etc/nginx/conf.d/rstudio.conf⽂件並加⼊以下內容:

server {

listen 80;

listen [::]:80;

listen 443 ssl;

ssl_certificate /etc/nginx/ssl/nginx.crt;

ssl_certificate_key /etc/nginx/ssl/nginx.key;

server_name you-DNS;

location / {

proxy_pass http://localhost:8787/;

proxy_redirect http://localhost:8787/ $scheme://$host/;

proxy_http_version 1.1;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection $connection_upgrade;

proxy_read_timeout 20d;

}

}

把server_name後⾯的DNS換成⾃⼰的DNS

在/etc/nginx/nginx.conf⽂件的http模塊添加以下內容:

http {

# All you other settings up here...

server_names_hash_bucket_size 128;

map $http_upgrade $connection_upgrade {

default upgrade;

'' close;

}

}

編輯/etc/rstudio/rserver.conf⽂件,添加如下配置:

www-address=127.0.0.1

重啟服務

sudo rstudio-server restart

sudo systemctl restart nginx

訪問

http://you-DNS 對應80端⼝

https://you-DNS 對於443端⼝

注意開放這兩個端⼝


分享到:


相關文章: