配置结构

nginx 常用配置 - 图1

常用配置

  1. 配置 https
  1. server {
  2. listen 443;
  3. server_name localhost;
  4. ssl on;
  5. root html;
  6. index index.html index.htm;
  7. ssl_certificate cert/1535407297197.pem;
  8. ssl_certificate_key cert/1535407297197.key;
  9. ssl_session_timeout 5m;
  10. ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
  11. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  12. ssl_prefer_server_ciphers on;
  13. location / {
  14. root html;
  15. index index.html index.htm;
  16. }
  17. }
  1. 配置端口转发
  1. http{
  2. proxy_read_timeout 300s;
  3. proxy_send_timeout 300s;
  4. keepalive_requests 1000;
  5. keepalive_timeout 300s;
  6. server{
  7. listen 8888;
  8. location / {
  9. proxy_pass http://192.168.1.20:8080;
  10. }
  11. }
  12. }
  1. 跨域问题解决
  1. server {
  2. listen 8081;//前端调试打开localhost:8081页面;js文件中后台接口访问localhost:8081/data;这样就保证不跨域了
  3. server_name localhost;
  4. access_log logs/host.access.log main;
  5. location / { //访问localhost:8081实际上访问是前端端口http://localhost:8080/
  6. proxy_pass http://localhost:8080/;
  7. }
  8. location ^~ /data {//访问localhost:8081/data实际上访问是后端接口http://10.128.166.42:8533/
  9. rewrite ^/data/(.*) /$1 break;
  10. proxy_pass http://10.128.166.42:8533/;
  11. }
  1. 配置压缩
  1. gzip on;
  2. gzip_disable "msie6";
  3. gzip_vary on;
  4. gzip_proxied any;
  5. gzip_comp_level 6;
  6. gzip_buffers 16 8k;
  7. gzip_http_version 1.1;
  8. gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss image/jpeg image/gif image/png
  1. 负载均衡
  1. upstream favtomcat {
  2. server 10.0.6.108:7080 weight=5;
  3. server 10.0.0.85:8980 weight=5;
  4. }
  5. location / {
  6. root html;
  7. index index.html index.htm;
  8. proxy_pass http://favtomcat;
  9. }

常用命令

  1. # 重新打开日志文件
  2. nginx -s reopen
  3. # 重新加载配置文件
  4. nginx -s reload
  5. # 查看nginx的配置文件的目录,测试配置文件是否正确
  6. nginx -t
  7. # 停止ngix(优雅关闭)
  8. nginx -s quit
  9. # 关闭 nginx(快速关闭,不管有没有请求)
  10. nginx -s stop

常见错误

  1. invalid PID

    • 错误信息
  1. nginx: [error] invalid PID number "" in "/usr/local/var/run/nginx
  • 解决方法
  1. $ sudo nginx -c /usr/local/etc/nginx/nginx.conf
  2. $ sudo nginx -s reload
  1. nginx做转发时,带’_’的header内容丢失

    • 解决方法
  1. underscores_in_headers on;

例子

  1. worker_processes 1; //开启进程数小于CPU数
  2. error_log logs/error.log; //自定义错误日志保存位置,全局设置,默认logs/error.log
  3. events {
  4. worker_connections 1024; //每个进程最大连接数(最大连接=连接数x进程数)每个worker允许同时产生多少个链接,默认1024
  5. }
  6. http {
  7. include mime.types; //文件扩展名与文件类型映射表
  8. default_type application/octet-stream; //默认文件类型
  9. log_format main '$remote_addr - $remote_user [$time_local] "$request" ' //自定义日志文件输出格式 全局设置
  10. '$status $body_bytes_sent "$http_referer" '
  11. '"$http_user_agent" "$http_x_forwarded_for"';
  12. access_log logs/access.log main; 自定义全局请求日志保存位置,全局设置,默认logs/access.log 定义格式:文件存储位置 + 日志输出格式
  13. sendfile on; //打开发送文件
  14. keepalive_timeout 0; //连接超时时间
  15. keepalive_timeout 65;
  16. gzip on; //打开gzip压缩
  17. 配置虚拟主机,基于域名、ip和端口,可以配置多个server
  18. server {
  19. listen 80; //监听端口,可以是ip:port 或者 port
  20. server_name 10.128.166.57; //监听域名,可以是ip或者域名,server_name有三种匹配方式:精准匹配(www.domain.com)、通配符匹配(*.domain.com 、www.*)、正则表达式匹配(~^(?.+)\.domain\.com$)
  21. access_log logs/host.access.log main; //自定义请求日志,局部,当前server有效
  22. error_page 500 502 503 504 /50x.html; //错误页面及其返回地址
  23. charset UTF-8; //设置字符集
  24. location / { //当访问10.128.166.57:80时
  25. proxy_pass http://10.128.166.57:80:8083; //实际上访问的时http://10.128.166.57:80:8083地址
  26. }
  27. location ^~/data { //当访问10.128.166.57:80/data
  28. proxy_pass http://10.128.166.57:80:8084; //实际上访问的时http://10.128.166.57:80:8084地址
  29. }
  30. }

参考

  1. 从一份配置清单详解Nginx服务器配置