标签(空格分隔): linux
[toc]
官方文档 启动Nginx brew services start nginx brew services restart nginx
命令
nginx -s reload 重启,并不会立即生效
查看
nginx -t会测试配置文件的语法,并告诉你配置文件是否写得正确,同时也告诉了配置文件的路径。
nginx -T 能直接显示配置入口文件的内容。
➜ /usr nginx -t
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
upstream blended_learning{
server 10.0.0.117:7979;
# server 54.223.38.76;
}
#gzip on;
server {
listen 8281;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location /static/vue {
autoindex on;
etag off;
alias /Users/liujunyang/henry/work/rainvue/static;
}
location /static {
autoindex on;
alias /Users/liujunyang/henry/work/blended_learning/course_meta/static;
}
location /vue_images {
autoindex on;
alias /Users/liujunyang/henry/work/rainvue/vue_images;
}
location / {
proxy_pass http://blended_learning;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-Port $http_x_forwarded_port;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
}
}
include servers/*;
}
日志
常用的存放位置
/var/log/nginx/xt_yuketang_443.log
/var/log/nginx/xt_yuketang_443_error.log
配置
TODO: 整理405 post去请求静态资源的匹配location,也就是配置规则不对。
对 location 的解释:
- 一般应该把对根路径
/的匹配放最后。 - 如果是匹配的路径的话,路径最后应该有
/,否则就会被视为静态文件? 用location ^~ /oauth?
upstream xt_backend{
server 10.0.3.3:9005;
}
upstream xt_auth{
server 10.0.3.3:15768;
}
server {
listen 80;
listen 443 ssl;
server_name xt.yuketang.cn mtc-thunder.yuktang.cn;
access_log /var/log/nginx/xt_yuketang_443.log;
error_log /var/log/nginx/xt_yuketang_443_error.log;
#ssl on;
ssl_session_cache shared:SSL:50m;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_certificate /etc/ssl/b.yuketang.cn/yuktang_cn.crt;
ssl_certificate_key /etc/ssl/b.yuketang.cn/private_key.key;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
location ^~ /oauth {
proxy_pass http://xt_auth;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 500m;
}
location / {
proxy_pass http://xt_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 500m;
}
}
报错
reload失败
# 机器重启后执行 nginx -s reload 时报下面的错
nginx: [error] open() "/run/nginx.pid" failed (2: No such file or directory)
先 nginx -t 找到配置文件
再 nginx -c /etc/nginx/nginx.conf
再 nginx -s reload 即可
