纯ipv6服务器安装Komari
免费域名
xyz便宜域名申请:
纯ipv6服务器连接:
官方地址:https://komari-document.pages.dev/
1.更新系统
apt update&&apt upgrade -y
安装必要组件
apt install -y curl sudo socat
2.安装wrap(获得出口 IPv4 能力)
wget -N https://gitlab.com/fscarmen/warp/-/raw/main/menu.sh && bash menu.sh [option] [lisence/url/token]
3.安装komari一键管理脚本
curl -fsSL https://raw.githubusercontent.com/komari-monitor/komari/main/install-komari.sh -o install-komari.sh
chmod +x install-komari.sh
sudo ./install-komari.sh4.ip+端口成功访问(如果有防火墙,需要开放端口ufw allow 25774)
成功访问前提:本地网络有ipv6,或者节点服务器分配有ipv6
5.安装acme(自动化证书申请工具)
curl https://get.acme.sh | sh
6.添加软链接(快捷方式)
ln -s /root/.acme.sh/acme.sh /usr/local/bin/acme.sh
7.切换CA机构
acme.sh --set-default-ca --server letsencrypt
8.安装nginx
apt install -y nginx
9.到CF解析域名
10.申请证书
注意:安全组与服务器内部的防火墙都需要允许外部访问 TCP 端口 80,也就是一定要查看80端口有没有开放,安全组或者防火墙一定要开放80端口,证书才能申请成功,放行80端口:ufw allow 80
acme.sh --issue -d 你的域名 -k ec-256 --webroot /var/www/html11.安装证书
acme.sh --install-cert -d 你的域名 --ecc \
--key-file /etc/ssl/private/private.key \
--fullchain-file /etc/ssl/private/fullchain.cer12.配置nginx(nginx配置文件路径:/etc/nginx/nginx.conf)
粘贴替换下面内容(粘贴完成只修改域名,如果有特别设置端口记得修改)
#nginx配置
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server
{
listen [::]:80; #监听端口 IPv6
listen [::]:443 ssl; #监听端口 带SSL iPv6
#listen 80; #ipv4
#listen 443 ssl; #ipv4
server_name yourdomain.com; #填写监控网站域名
index index.php index.html index.htm default.php default.htm default.html;
root /home/web/nezha;
#index root
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#error_page 404/404.html;
ssl_certificate /etc/ssl/private/fullchain.cer; #SSL证书文件
ssl_certificate_key /etc/ssl/private/private.key; #SSL密钥文件
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#以下是反代内容 如果有特别设置端口记得修改
location ^~ / {
proxy_pass http://127.0.0.1:25774;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
proxy_ssl_server_name off;
proxy_ssl_name $proxy_host;
# 50M文件上传
client_max_body_size 50M;
}
}
}
13.检查nginx配置文件是否正确
nginx -t
14.重启并查看nginx状态
systemctl restart nginx && systemctl status nginx
15.访问域名(不成功,检查端口443是否开放,ufw allow 443)
16.服务管理命令:
状态: systemctl status komari
启动: systemctl start komari
停止: systemctl stop komari
重启: systemctl restart komari
日志: journalctl -u komari -f
共有 0 条评论