1 默认配置nginx.conf
默认nginx配置文件路径:
/etc/nginx/nginx.conf
user www-data;worker_processes auto; # woker进程数, 通常等于CPU数量或者2倍于CPUpid /run/nginx.pid; # pid存放路径include /etc/nginx/modules-enabled/ *.conf;error_log log/error.log debug; # 错误日志存放路径 级别events {worker_connections 768;# multi_accept on;}events {worker_connections 1024; # 每个woker进程的最大连接数,默认为768# keepalive_timeout 60; # 连接保活超时时间,单位秒# use epoll; # 使用epoll的I/O 模型。linux建议epoll,FreeBSD建议采用kqueue,window下不指定。# accept_mutex on; # 设置网路连接序列化,防止惊群现象发生,默认为on# multi_accept on; # 设置一个进程是否同时接受多个网络连接,默认为off}http {sendfile on; # 开启高效文件传输模式。tcp_nopush on; # 防止网络阻塞tcp_nodelay on; # 防止网络阻塞keepalive_timeout 65; # 长连接超时时间,单位是秒types_hash_max_size 2048;access_log /var/log/nginx/access.log;error_log /var/log/nginx/error.log;gzip on; # 开启gzip压缩输出# autoindex on; # 开启目录列表访问,适合下载服务器,默认关闭。# include mime.types; # 设定mime类型,类型由mime.type文件定义# default_type application/octet-stream; # 默认文件类型,默认为text/plain# 自定义日志格式, combined为日志格式的默认值/*log_format myFormat '$remote_addr–$remote_user [$time_local] $request ''$status $body_bytes_sent $http_referer $http_user_agent $http_x_forwarded_for';access_log log/access.log myFormat;*/# sendfile on; # 允许sendfile方式传输文件,默认为off,可以在http块,server块,location块。# sendfile_max_chunk 100k; # 每个进程每次调用传输数量不能大于设定的值,默认为0,即不设上限。# keepalive_timeout 65; # 连接超时时间,默认为75s,可以在http,server,location块。# error_page 404 https://www.baidu.com; # 错误页include /etc/nginx/conf.d/*.conf;include /etc/nginx/sites-enabled/*;}
2 自定义配置xxx.conf
我们要在/etc/nginx/nginx.conf的基础上新增配置, 要把配置文件写在conf.d目录下
/etc/nginx/conf.d/xxx.conf
# 虚拟主机的配置,一个server就代表一个虚拟主机server {# 监听端口, 只有请求的IP和端口都相同时, 才进行资源定位listen 192.168.250.130:80;# 域名可以有多个, 用空格隔开server_name www.meiduo.site;# 资源定位location =/{root /home/ws/Desktop/meiduo/meiduo_mall/meiduo_mall/static; # 站点根目录index index.html;# 拒绝的ipdeny 127.0.0.1;# 允许的ipallow 172.18.5.54;}}
3 示例
server {listen 443 ssl;#配置HTTPS的默认访问端口为443。#如果未在此处配置HTTPS的默认访问端口,可能会造成Nginx无法启动。#如果您使用Nginx 1.15.0及以上版本,请使用listen 443 ssl代替listen 443和ssl on。server_name www.cnsjai.com; # SSL证书绑定的域名。# SSL证书ssl_certificate /etc/nginx/conf.d/cert/cnsjai-certificate/5414298_www.cnsjai.com.pem; #需要将cert-file-name.pem替换成已上传的证书文件的名称。ssl_certificate_key /etc/nginx/conf.d/cert/cnsjai-certificate/5414298_www.cnsjai.com.key; #需要将cert-file-name.key替换成已上传的证书密钥文件的名称。ssl_session_timeout 5m;ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #表示使用的TLS协议的类型。ssl_prefer_server_ciphers on;client_max_body_size 150m;client_body_buffer_size 150M;location / {alias /var/www/cnsjai.com/;index index.html index.htm;}location /static {root /var/www/cnsjai.com/;}location /cli/cms {alias /usr/src/html/production/; #站点目录。index index.html index.htm;}location /api/cms {proxy_pass http://127.0.0.1:6660/;proxy_set_header Host $host;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}location /apkurl/ {alias /opt/app_httpsserver/utils/apkpackage/;}location /apkurl_test/ {alias /opt/app_httpsserver_test/utils/apkpackage/;}location /portum/ {proxy_pass http://127.0.0.1:5678/;proxy_set_header Host $host;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_read_timeout 300;proxy_send_timeout 300;}location /y/ {proxy_pass http://127.0.0.1:10007/;proxy_set_header Host $host;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}location /test/ {proxy_pass http://127.0.0.1:5006/;proxy_set_header Host $host;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;}}
若有收获,就点个赞吧
0 人点赞
