Nginx 与 SeLinux 的问题

在部署 EPEL 镜像的过程中，发现 nginx 配置一切正常，但无法列出文件，百思不得其解。后来在 stackoverflow 上找到答案。这里，发现是 SeLinux 造成的后，google "selinux nginx"，来到 Using NGINX and NGINX Plus with SELinux - nginx.com。问题解决。

不过在经上述设置后，仍然会得到 403: Forbidden 报错，需按照 这里 进行设置。

附 同步 EPEL 镜像脚本：

#!/bin/bash
LOCK_FILE="$HOME/.lock/rsync.lck"

if [ -f "${LOCK_FILE}" ]; then echo "经由 rsync 的更新已在运行......" && exit 0; fi

BASE_DIR="/var/mirrors/"
SERVER="mirrors.bfsu.edu.cn"

declare -A releases
releases["epel"]="7/x86_64/"
releases["centos"]="7.9.2009/sclo/"

declare -A GPG_KEY
GPG_KEY["epel"]="RPM-GPG-KEY-EPEL-7"
GPG_KEY["centos"]="RPM-GPG-KEY-CentOS-7"

/usr/bin/touch "${LOCK_FILE}"

rm_lock() {
    rm -rf "${LOCK_FILE}"
}

do_rsync() {
    # echo -e "\n${1}\n${2}\n${3}\n${4}"
    rsync  -auvzP --exclude debug --delete "rsync://${1}" "${2}/" && \
    rsync  -auvzP --delete "rsync://${3}" "${4}"
}

for name in ${!releases[@]}; do
    release="${releases[$name]}" 

    target_base="${BASE_DIR}${name}/"
    target_dir="${target_base}${release}" 

    base_url="${SERVER}/${name}/"
    repo_url="${base_url}${release}"
    gpg_url="${base_url}${GPG_KEY[${name}]}"

    if [[ -d "${target_dir}" ]]; then
        do_rsync "$repo_url" "${target_dir}" "${gpg_url}" "${target_base}"
    else
        echo "${target_dir} 目录不存在:-{"
        /usr/bin/mkdir -p "${target_dir}"
        do_rsync "$repo_url" "${target_dir}" "${gpg_url}" "${target_base}"
    fi

    if [[ $? -eq '0' ]]; then
        echo -e "\n${name} 同步成功......:)\n"
    else
        rm_lock && echo "同步失败:(" && exit 1
    fi
done

rm_lock && exit 0

Nginx 配置文件：

server {
    listen       80;
    server_name  10.12.7.136;

    #access_log  /var/log/nginx/host.access.log  main;
    root /var/mirrors/epel;

    location / {
        autoindex on;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

}