yum install cockpit-ws cockpit-system cockpit-bridge
# cockpit-docker docker管理,需要安装docker
systemctl restart cockpit
systemctl enable cockpit
vim /etc/cockpit/cockpit.conf 新增文件
[Log]
Fatal = criticals
[WebService]
AllowUnencrypted=true
UrlRoot=/co/
vim /usr/lib/systemd/system/cockpit.socket
ListenStream=127.0.0.1:9090 监听本地
systemctl daemon-reload
systemctl restart cockpit.socket
nginx代理
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream websocket {
server 127.0.0.1:9090;
}
server {
listen 80;
server_name cockpit.domain.tld www.cockpit.domain.tld;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
server_name www.cockpit.domain.tld cockpit.domain.tld;
ssl on;
ssl_certificate /path/to/certificate;
ssl_certificate_key /path/to/key;
location /co/ { # 对应cockpit.conf的uri
proxy_pass http://websocket;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
# needed for websocket
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# change scheme of "Origin" to http
proxy_set_header Origin http://$host;
# Pass ETag header from cockpit to clients.
# See: https://github.com/cockpit-project/cockpit/issues/5239
# gzip off;
}
}