不知怎的最近黑群晖各类服务必须用 https 打开？

浏览器原因？

或者看看 黑群晖里的 nginx 的配置

@AllenHua 换了台电脑也是这样，最近装了 aria2 做了反向代理有影响吗？

@yuhaaitao #2 aria2 下载工具 不至于影响这个的

先看看 qb 进程是不是活着的

然后看看 80 端口有没有被监听 个人怀疑应该是 nginx 或者 uhttpd 之类的造成的 端口冲突也有可能

[]( https://s3.pterclub.com:2096/image/8l5rB)
就是设置了这个反向代理

@AllenHua ddns+端口号，80 端口没占用吧？

HSTS

开启功能前先理解作用
一股脑的勾上毫无意义

@PMR 去掉 了 HSTS，bitwarden 能正常使用，但是打开 qb 还是提示 https

@AllenHua 请帮忙看下，是不是这里设置不对？谢谢！
[img]https://img.pterclub.com/images/2020/12/07/nights.png[/img]
[img]https://img.pterclub.com/images/2020/12/07/e8cf6af1c393047176bb8c7909930cfe.png[/img]

@yuhaaitao #8 贴一下 conf/nginx.conf 看看？

@AllenHua #9 [img]https://img.pterclub.com/images/2020/12/07/ngix.png[/img]
安装的这个扩展，不知道配置文件在哪里

@yuhaaitao #10 `sudo find / -name nginx.conf` 找找

@AllenHua etc/nginx/nginx.conf 配置
# Copyright (c) 2000-2016 Synology Inc. All rights reserved.

worker_processes auto;
#worker_cpu_affinity auto;
worker_rlimit_nofile 65535;

include conf.d/main.conf;

events {
use epoll;
multi_accept on;
accept_mutex on;
worker_connections 1024;

include conf.d/events.conf;
}

http {
include mime.types;
default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log off;
#access_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_access,nohostname main;
error_log syslog:server=unix:/dev/log,facility=local7,tag=nginx_error,nohostname error;

sendfile on;
server_tokens off;

proxy_request_buffering off;
fastcgi_request_buffering off;
scgi_request_buffering off;

proxy_buffering off;
fastcgi_buffering off;
scgi_buffering off;

resolver_timeout 5s;
client_header_timeout 10s;
client_body_timeout 60s;
send_timeout 60s;
keepalive_timeout 65s 20s;
client_max_body_size 0;
server_names_hash_max_size 8192;

ssl_certificate /usr/syno/etc/certificate/system/default/fullchain.pem;
ssl_certificate_key /usr/syno/etc/certificate/system/default/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
ssl_dhparam /usr/syno/etc/ssl/dh2048.pem;
ssl_prefer_server_ciphers on;

ssl_session_tickets off;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 3600s;

server_tag "nginx";

gzip_disable "msie6";
gzip_min_length 1000;
gzip_types text/plain text/css application/javascript application/json;
gzip_vary on;
gzip_static on;

upstream synoscgi {
server unix:/run/synoscgi.sock;
}

index index.html index.htm index.php;

set_real_ip_from 127.0.0.1;
real_ip_header X-Real-IP;

server {
listen 2233 default_server;
listen [::]:2233 default_server;

server_name _;

gzip on;

include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;

ignore_invalid_headers off;

include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;

location = / {
try_files $uri /index.cgi$is_args$query_string;
}

location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;

root /;

include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}

location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}

location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}

error_page 403 404 500 502 503 504 @error_page;

location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}

location ~ ^/webman/modules/Indexer/ {
deny all;
}

location ~ ^/webapi/lib/ {
deny all;
}

location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}

location ~ /\. { access_log off; log_not_found off; deny all; }

location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}

location = /favicon.ico {
access_log off;
log_not_found off;
}

location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}

}

server {
listen 2234 default_server ssl http2;
listen [::]:2234 default_server ssl http2;

server_name _;

include app.d/alias.*.conf;
root /usr/syno/synoman;
index index.cgi;

ignore_invalid_headers off;

include app.d/dsm.*.conf;
include /usr/syno/share/nginx/conf.d/dsm.*.conf;
include conf.d/dsm.*.conf;

location = / {
try_files $uri /index.cgi$is_args$query_string;
}

location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;

root /;

include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}

location ~ /webman/modules/(PersonalSettings|ExternalDevices|FileBrowser)/index_ds.php$ {
alias /usr/syno/share/OAuth/index_ds.php;
default_type text/html;
}

location ~ \.cgi {
include scgi_params;
scgi_read_timeout 3600s;
scgi_pass synoscgi;
}

error_page 403 404 500 502 503 504 @error_page;

location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}

location ~ ^/webman/modules/Indexer/ {
deny all;
}

location ~ ^/webapi/lib/ {
deny all;
}

location ~ ^/webapi/(:?(:?.*)\.lib|(:?.*)\.api|(:?.*)\.auth|lib.def)$ {
deny all;
}

location ~ /\. { access_log off; log_not_found off; deny all; }

location ~* \.(?:js|css|png|jpg|gif|ico)$ {
access_log off;
log_not_found off;
}

location = /favicon.ico {
access_log off;
log_not_found off;
}

location = /robots.txt {
allow all;
access_log off;
log_not_found off;
}

}

server {
listen 80 default_server;
listen [::]:80 default_server;

gzip on;

server_name _;

location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;

root /;

include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}

include app.d/www.*.conf;
include app.d/alias.*.conf;
include /usr/syno/share/nginx/conf.d/www.*.conf;
include conf.d/www.*.conf;

location = /webdefault/images/logo.jpg {
alias /usr/syno/share/nginx/logo.jpg;
}

error_page 403 404 500 502 503 504 @error_page;

location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}

location ^~ /.well-known/acme-challenge {
root /var/lib/letsencrypt;
default_type text/plain;
}

include app.d/.location.webstation.conf*;

location / {
rewrite ^ / redirect;
}

location ~ ^/$ {
rewrite / http://$host:2233/ redirect;
}
}

server {
listen 443 default_server ssl;
listen [::]:443 default_server ssl;

server_name _;

location ~ ^/volume(?:X|USB|SATA|Gluster)?\d+/ {
internal;

root /;

include app.d/x-accel.*.conf;
include conf.d/x-accel.*.conf;
}

include app.d/www.*.conf;
include app.d/alias.*.conf;
include /usr/syno/share/nginx/conf.d/www.*.conf;
include conf.d/www.*.conf;

location = /webdefault/images/logo.jpg {
alias /usr/syno/share/nginx/logo.jpg;
}

error_page 403 404 500 502 503 504 @error_page;

location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
}

location ^~ /.well-known/acme-challenge {
root /var/lib/letsencrypt;
default_type text/plain;
}

include app.d/.location.webstation.conf*;

location / {
rewrite ^ / redirect;
}

location ~ ^/$ {
rewrite / https://$host:2234/ redirect;
}
}

include conf.d/http.*.conf;
include app.d/server.*.conf;
include sites-enabled/*;
}

@AllenHua 有这么多配置文件
[]( https://imgchr.com/i/rPAyNV)

@yuhaaitao #13 应该就是 /etc/nginx/nginx.conf 的

重点关注一下 listen 80 那个 server 块，我也看不出来到底是什么原因导致无法访问 http://YOUR_IP 的