问题[502](server)

我正在我的 Debian 10 服务器上安装Matomo Analytics平台，运行 Nginx 并使用 Cloudflare DNS 和 CDN。不幸的是，我在尝试访问它时收到502 Bad Gateway错误，表明该错误出在主机上。

按照 Matomo 的安装指南，我安装了下载最新版本的依赖/var/www项并将其解压缩到：

# wget https://builds.matomo.org/matomo.zip && unzip matomo.zip

然后我将他们的Nginx 配置示例复制到/etc/nginx/sites-available，将其链接到/etc/nginx/sites-enabled并修改设置以适合我的情况，如下所述：

server {
    listen [::]:80; # remove this if you don't want Matomo to be reachable from IPv6
    listen 80;
    server_name matomo.andy-sb.com;
    # Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
    location / {
        return 301 https://$host$request_uri;
    }
}
server {
    listen [::]:443 ssl http2; # remove this if you don't want Matomo to be reachable from IPv6
    listen 443 ssl http2;
    server_name matomo.andy-sb.com; # list all domains Matomo should be reachable from
    access_log /var/log/nginx/matomo.access.log;
    error_log /var/log/nginx/matomo.error.log;

    ## uncomment if you want to enable HSTS with 6 months cache
    ## ATTENTION: Be sure you know the implications of this change (you won't be able to disable HTTPS anymore)
    #add_header Strict-Transport-Security max-age=15768000 always;

    ## replace with your SSL certificate
    ssl_certificate /etc/letsencrypt/live/matomo.andy-sb.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/matomo.andy-sb.com/privkey.pem;

    include ssl.conf; # if you want to support older browsers, please read through this file

    add_header Referrer-Policy origin always; # make sure outgoing links don't show the URL to the Matomo instance
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;

    root /var/www/matomo/; # replace with path to your matomo instance

    index index.php;

    ## only allow accessing the following php files
    location ~ ^/(index|matomo|piwik|js/index|plugins/HeatmapSessionRecording/configs)\.php {
        include snippets/fastcgi-php.conf; # if your Nginx setup doesn't come with a default fastcgi-php config, you can fetch it from https://github.com/nginx/nginx/blob/master/conf/fastcgi.conf
        #try_files $fastcgi_script_name =404; # protects against CVE-2019-11043. If this line is already included in your snippets/fastcgi-php.conf you can comment it here.
        fastcgi_param HTTP_PROXY ""; # prohibit httpoxy: https://httpoxy.org/
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock; #replace with the path to your PHP socket file
        #fastcgi_pass 127.0.0.1:9000; # uncomment if you are using PHP via TCP sockets (e.g. Docker container)
    }

    ## deny access to all other .php files
    location ~* ^.+\.php$ {
        deny all;
        return 403;
    }

    ## serve all other files normally
    location / {
        try_files $uri $uri/ =404;
    }

    ## disable all access to the following directories
    location ~ ^/(config|tmp|core|lang) {
        deny all;
        return 403; # replace with 404 to not show these directories exist
    }

    location ~ /\.ht {
        deny  all;
        return 403;
    }

    location ~ js/container_.*_preview\.js$ {
        expires off;
        add_header Cache-Control 'private, no-cache, no-store';
    }

    location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ {
        allow all;
        ## Cache images,CSS,JS and webfonts for an hour
        ## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade
        expires 1h;
        add_header Pragma public;
        add_header Cache-Control "public";
    }

    location ~ ^/(libs|vendor|plugins|misc/user|node_modules) {
        deny all;
        return 403;
    }

    ## properly display textfiles in root directory
    location ~/(.*\.md|LEGALNOTICE|LICENSE) {
        default_type text/plain;
    }
}

SSL证书有效，运行nginx -t不返回任何错误，也不运行systemctl restart nginx重启Nginx。我已经使用Cloudflare DNS创建了 A 和 AAAA 记录。

您好，您能帮我在我的 ubuntu 16.04 服务器上设置 apache 和 nginx 服务器，但是当我尝试访问 localhost/info.php 示例时，我得到了

502 错误网关 nginx/1.9.15 (Ubuntu)

错误 502 bad gateway，这是来自错误日志文件：

2017/01/24 10:50:55 [错误] 14774#14774: *29 connect() 在连接到上游时失败（111：连接被拒绝），客户端：127.0.0.1，服务器：example.com，请求：“GET /info.php HTTP/1.1”，上游：“ http://127.0.0.1:8080/info.php ”，主机：“localhost”

我的 /etc/apache2/ports.conf 是：

Listen 8000

<IfModule ssl_module>
    Listen 443
</IfModule>

<IfModule mod_gnutls.c>
    Listen 443
</IfModule>

我的 /etc/nginx/sites-available/default 文件是：

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.php index.html index.htm index.nginx-debian.html;

    server_name 127.0.0.1;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
        proxy_pass http://127.0.0.1:8000;
            include /etc/nginx/proxy_params;
    }

    location ~* \.(js|css|jpg|jpeg|gif|png|svg|ico|pdf|html|htm)$ {
        expires      30d;
        }

    }

       location @proxy {
                proxy_pass http://127.0.0.1:8000;
                include /etc/nginx/proxy_params;
       }
       location ~* \.php$ {
                proxy_pass http://127.0.0.1:8000;
                include /etc/nginx/proxy_params;
       }
}

我的 /etc/nginx/nginx.conf 文件：

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
    worker_connections 768;
    # multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # SSL Settings
    ##

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;

    ##
    # Logging Settings
    ##

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;
    gzip_disable "msie6";

    # gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    # gzip_buffers 16 8k;
    # gzip_http_version 1.1;
    # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

/var/www/html 文件夹的权利和所有权：

➜  html sudo ls -lah /var/www/html          
общо 40K
drwx--s--x  6 dimitar www-data 4,0K яну 24 10:44 .
drwxr-sr-x  3 dimitar www-data 4,0K дек 28 12:26 ..
-rw-r-Sr--  1 dimitar www-data  12K яну 24 00:52 index.html
-rw-r--r--  1 dimitar www-data   18 яну 24 10:44 info.php
drwxrwsr-x  6 dimitar www-data 4,0K яну 10 14:02 Laracast
drwxrwsr-x  2 dimitar www-data 4,0K яну 23 20:17 phpmyadmin
drwxrwxrwx  5 dimitar www-data 4,0K дек 16 11:28 softuni
drwxrwsr-x 12 dimitar www-data 4,0K яну  3 20:04 users

sudo netstat -lntp 的输出：

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:7845            0.0.0.0:*               LISTEN      5054/skype      
tcp        0      0 127.0.0.1:30666         0.0.0.0:*               LISTEN      31454/Viber     
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      2521/mysqld     
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN      2523/smbd       
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      14328/nginx -g daem
tcp        0      0 127.0.0.1:4371          0.0.0.0:*               LISTEN      28075/spotify   
tcp        0      0 127.0.0.1:5940          0.0.0.0:*               LISTEN      2301/teamviewerd
tcp        0      0 0.0.0.0:57621           0.0.0.0:*               LISTEN      28075/spotify   
tcp        0      0 127.0.0.1:45112         0.0.0.0:*               LISTEN      31454/Viber     
tcp        0      0 0.0.0.0:220             0.0.0.0:*               LISTEN      1233/sshd       
tcp        0      0 127.0.0.1:4381          0.0.0.0:*               LISTEN      28075/spotify   
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN      2523/smbd       
tcp6       0      0 :::139                  :::*                    LISTEN      2523/smbd       
tcp6       0      0 :::220                  :::*                    LISTEN      1233/sshd       
tcp6       0      0 :::445                  :::*                    LISTEN      2523/smbd       
tcp6       0      0 :::8000                 :::*                    LISTEN      15002/apache2  

/etc/nginx/proxy_params 的内容：

proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

client_max_body_size 100M;
client_body_buffer_size 1m;
proxy_intercept_errors on;
proxy_buffering on;
proxy_buffer_size 128k;
proxy_buffers 256 16k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_max_temp_file_size 0;
proxy_read_timeout 300;

有人可以帮我一把吗？