备用shell管理方案之butterfly+nginx+https

安装butterfly+nginx https

1. 安装butterfly

img

yum install python36 python36-pip python36-devel -y
pip install butterfly
pip install butterfly[themes]  # If you want to use themes
pip install butterfly[systemd]  # If you want to use systemd
butterfly

1.1 注册systemd服务

cd /etc/systemd/system
curl -O https://raw.githubusercontent.com/paradoxxxzero/butterfly/master/butterfly.service
curl -O https://raw.githubusercontent.com/paradoxxxzero/butterfly/master/butterfly.socket
systemctl enable butterfly.socket
systemctl start butterfly.socket

1.3 配置butterfly为非安全模式,我们使用nginx来提供https服务

使用sshd授权登录方式.

vim /etc/systemd/system/butterfly.service

[Unit]
Description=Butterfly Terminal Server

[Service]
ExecStart=/usr/local/bin/butterfly.server.py --unsecure --login --pam_profile=sshd

1.4 重新启动服务即可

systemctl restart butterfly.socket

  1. nginx的配置文件
    1. 设置
server {
    listen       443 ssl;
    server_name  servername;
    ssl_certificate      /home/makeit/.keys/fullchain.pem;
    ssl_certificate_key  /home/makeit/.keys/keys.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
    
    auth_basic "input you passwd";
    auth_basic_user_file passwd.db; 
    location / {
    proxy_pass http://127.0.0.1:575575;
    proxy_read_timeout     300s;
    proxy_connect_timeout  300s;
    #后端证书文件,如果后端开启https
    #proxy_ssl_certificate /etc/butterfly/ssl/butterfly_ca.crt;
    #proxy_ssl_certificate_key /etc/butterfly/ssl/butterfly_ca.key;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-F $remote_addr;
    proxy_http_version 1.1; #代理websocket
    proxy_set_header Upgrade "websocket";
    proxy_set_header Connection "Upgrade";
    proxy_set_header Sec-Websocket-Version 13;#重要
    proxy_set_header Connection ""; #防止客户端close,后端也close了
    }

后端设置自签证书,连上后就close了. 没弄好,

改成后端使用非安全模式才可以的.

参考:

https://github.com/paradoxxxzero/butterfly

https://www.xncoding.com/2018/03/12/fullstack/nginx-websocket.html

https://ma.ttias.be/enable-keepalive-connections-in-nginx-upstream-proxy-configurations/

https://www.serverlab.ca/tutorials/linux/web-servers-linux/how-to-proxy-wss-websockets-with-nginx/

https://www.hi-linux.com/posts/42176.html

posted @   lvusyy  阅读(488)  评论(1编辑  收藏  举报
编辑推荐:
· 从 HTTP 原因短语缺失研究 HTTP/2 和 HTTP/3 的设计差异
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
阅读排行:
· winform 绘制太阳,地球,月球 运作规律
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· Manus的开源复刻OpenManus初探
· 写一个简单的SQL生成工具
· AI 智能体引爆开源社区「GitHub 热点速览」
点击右上角即可分享
微信分享提示