Nginx 常用配置清单

category: arch tags: [arch] keywords: 架构

以下文章来源于小哈学Java

以下文章来源于海拉姆

Nginx的配置说明玖拾书

Nginx配置配置文件详解WanJiaBaoBao

正文

Nginx 是一个高性能的 HTTP 和反向代理 web 服务器，同时也提供了 IMAP/POP3/SMTP 服务，其因丰富的功能集、稳定性、示例配置文件和低系统资源的消耗受到了开发者的欢迎。本文，我们总结了一些常用的 Nginx 配置代码，希望对大家有所帮助。

0.示例文件

一级转发

二级转发

Nginx页面配置nginxWebUI

1.侦听端口

 server {
    # Standard HTTP Protocol 
    listen 80;
    # Standard HTTPS Protocol 
    listen 443 ssl;
    # For http2  
    listen 443 ssl http2;
    # Listen on 80 using IPv6 
    listen [::]:80;
    # Listen only on using IPv6 
    listen [::]:80 ipv6only=on;
} 

2.访问日志

 server {
    # Relative or full path to log file 
    access_log /path/to/file.log;
    # Turn 'on' or 'off'  
    access_log on;
} 

3.域名

 server {
    # Listen to yourdomain.com 
    server_name yourdomain.com;
    # Listen to multiple domains  server_name yourdomain.com www.yourdomain.com; 
    # Listen to all domains
    server_name *.yourdomain.com;
    # Listen to all top-level domains 
    server_name yourdomain.*;
    # Listen to unspecified Hostnames (Listens to IP address itself) 
    server_name "";
} 

4.静态资产

 server {
    listen 80;
    server_name yourdomain.com;
    location / {
    root /path/to/website;
    }
} 

5.重定向

 server {
    listen 80;
    server_name www.yourdomain.com;
    return 301 http://yourdomain.com$request_uri;
    }
server {
    listen 80;
    server_name www.yourdomain.com;
    location /redirect-url {
    return 301 http://otherdomain.com;
    }
} 

6.反向代理

 server {
    listen 80;
    server_name yourdomain.com;
    location / {
    proxy_pass http://0.0.0.0:3000;
    # where 0.0.0.0:3000 is your application server (Ex: node.js) bound on 0.0.0.0 listening on port 3000  
    }
} 

7.负载均衡

 upstream node_js {
    server 0.0.0.0:3000;
    server 0.0.0.0:4000;
    server 123.131.121.122;
    }
server {
    listen 80;
    server_name yourdomain.com;
    location / {
    proxy_pass http://node_js;
    }
} 

8.SSL 协议

 server {
    listen 443 ssl;
    server_name yourdomain.com;
    ssl on;
    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/privatekey.pem;
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /path/to/fullchain.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_session_timeout 1h;
    ssl_session_cache shared:SSL:50m;
    add_header Strict-Transport-Security max-age=15768000;
    }
# Permanent Redirect for HTTP to HTTPS
server{
    listen 80;
    server_name yourdomain.com;
    return 301 https://$host$request_uri;
    } 

9.alias & root 的区别

root和alias都是nginx指定文件路径的方式

[root]

语法：root path

默认值：root html

配置段：http、server、location、if

[alias]

语法：alias path

配置段：location

区别在于:nginx如何解释location后面的uri

root的处理结果是： root路径＋location路径

alias的处理结果是：使用alias路径替换location路径

root实例：

       location  /ying/ {
       root /www/root/html/;
        }

如果一个请求的URI是/ying/a.html时，web服务器将会返回服务器上的/www/root/html/ying/a.html的文件。

alias实例：

         location   /ying/ {
         alias /www/root/html/new_t/;
         }

如果一个请求的URI是/ying/a.html时，web服务器将会返回服务器上的/www/root/html/new_t/a.html的文件。

10.配置ajax请求跨域

nginx配置：

server {
    listen       18081;
    server_name  localhost;
    access_log  /var/log/nginx/11.access.log ;
    error_log   /var/log/nginx/11.error.log  notice;


            location  / {
                add_header 'Access-Control-Allow-Origin' '*';
                add_header 'Access-Control-Allow-Credentials' 'true';
                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
                add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
                proxy_pass http://ip:port/;
    }
}

说明:

nginx监听18081端口，如果是访问的18081端口则进入监听，add_header四行即为配置的跨域信息， proxy_pass即为实际要访问的请求地址，

如服务器地址为192.168.60.11，服务器上有个tomcat端口为8080，外部ajax需要访问该tomcat时, 只需要在proxy_pass配置为http://192.168.60.11:8080/,并重启nginx生效，则外部访问192.168.60.11:18081时就会自动代理至http://192.168.60.11:8080/,

正文