未找到服务返回404
server {
listen 80;
location / {
return 404;
}
}
开启压缩
server {
gzip on;
gzip_buffers 32 4K;
gzip_comp_level 6;
gzip_min_length 100;
gzip_types application/javascript text/css text/xml;
gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持)
gzip_vary on;
}
vue 项目配置
location / {
root admin;
try_files $uri $uri/ /index.html;
}
location /index.html {
root admin;
#设置缓存上面定义的后缀文件缓存到浏览器的生存时间
add_header Cache-Control no-store;
}
转发ip
upstream admin-api{
server 127.0.0.1:8083;
}
server{
listen 80;
server_name localhost 127.0.0.1;
location / {
rewrite ^/api/(.*) /$1 break;
proxy_pass http://admin-api;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-Port $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
跨域
server{
listen 80;
server_name localhost 127.0.0.1;
location / {
root /workspace/nginx/meeting/meeting-front;
try_files $uri $uri/ /index.html;
}
location /index.html {
root /workspace/nginx/meeting/meeting-front;
#设置缓存上面定义的后缀文件缓存到浏览器的生存时间
add_header Cache-Control no-store;
}
location /api {
# 指定允许跨域的方法,*代表所有
add_header Access-Control-Allow-Methods "POST, GET, OPTIONS";
# 预检命令的缓存,如果不缓存每次会发送两次请求
# add_header Access-Control-Max-Age 3600;
# 带cookie请求需要加上这个字段,并设置为true
add_header Access-Control-Allow-Credentials true;
# 表示允许这个域跨域调用(客户端发送请求的域名和端口)
# $http_origin动态获取请求客户端请求的域 不用*的原因是带cookie的请求不支持*号
add_header Access-Control-Allow-Origin $http_origin;
# 表示请求头的字段 动态获取
add_header Access-Control-Allow-Headers $http_access_control_request_headers;
# OPTIONS预检命令,预检命令通过时才发送请求
# 检查请求的类型是不是预检命令
if ($request_method = OPTIONS){
return 204;
}
rewrite ^/api/(.*) /$1 break;
proxy_pass http://localhost:10041;
}
}
https, ssl, 443端口
server {
listen 443;
server_name admin.xxx.cn;
ssl on;
ssl_certificate /usr/local/nginx/ssl/5423111_admin.xxx.cn.pem;
ssl_certificate_key /usr/local/nginx/ssl/5423111_admin.xxx.cn.key;
location / {
root admin;
try_files $uri $uri/ /index.html;
}
location /index.html {
root admin;
#设置缓存上面定义的后缀文件缓存到浏览器的生存时间
add_header Cache-Control no-store;
}
location /api {
rewrite ^/api/(.*) /$1 break;
proxy_pass http://admin-api;
#### 微信H5支付 获取用户端ip用 结束 start ========
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-Port $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#### 微信H5支付 获取用户端ip用 结束 end ========
}
gzip on;
gzip_buffers 32 4K;
gzip_comp_level 6;
gzip_min_length 100;
gzip_types application/javascript text/css text/xml;
gzip_disable "MSIE [1-6]\."; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持)
gzip_vary on;
}
设置开机自启
编译安装设置开机启动
vim /etc/systemd/system/nginx.service 输入如下内容:
[Unit]
# vim /etc/systemd/system/nginx.service
# ps -aux | grep nginx
# 启动nginx
# systemctl start nginx
# 停止nginx
# systemctl stop nginx
# 重启nginx
# systemctl restart nginx
# 查看nginx状态
# systemctl status frps
# 配置 nginx 开机自启
# systemctl enable nginx
Description=The nginx HTTP and reverse proxy server
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/usr/local/nginx/logs/nginx.pid
# Nginx will fail to start if /usr/local/nginx/logs/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /usr/local/nginx/logs/nginx.pid
#ExecStartPre=/usr/sbin/nginx -t
ExecStartPre=/usr/bin/nginx -t
#ExecStart=/usr/sbin/nginx
ExecStart=/usr/bin/nginx
#ExecReload=/usr/sbin/nginx -s reload
ExecReload=/usr/bin/nginx -s reload
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
配置 nginx 开机自启
ps -aux | grep nginx
# 启动nginx
systemctl start nginx
# 停止nginx
systemctl stop nginx
# 重启nginx
systemctl restart nginx
# 查看nginx状态
systemctl status frps
# 配置 nginx 开机自启
systemctl enable nginx
yum 安装时service配置
yum 安装: phoenixnap.com/kb/install-…
service配置位置: /usr/lib/systemd/system/nginx.service
[Unit]
Description=The nginx HTTP and reverse proxy server
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/run/nginx.pid
# Nginx will fail to start if /run/nginx.pid already exists but has the wrong
# SELinux context. This might happen when running `nginx -t` from the cmdline.
# https://bugzilla.redhat.com/show_bug.cgi?id=1268621
ExecStartPre=/usr/bin/rm -f /run/nginx.pid
ExecStartPre=/usr/sbin/nginx -t
ExecStart=/usr/sbin/nginx
ExecReload=/usr/sbin/nginx -s reload
KillSignal=SIGQUIT
TimeoutStopSec=5
KillMode=process
PrivateTmp=true
[Install]
WantedBy=multi-user.target
listen ip:port 和 listen port;server_name ip;使用注意事项
$host $http_host 区别:
$host 含义:
官网解释:链接
优先级:请求行的主机名[1] > 请求头字段 Host 中的主机名[2] > 与请求匹配的服务器名称[3]
ip或域名,不包含端口;如:访问
http://www.juejin.cn:300, 主机名就是www.juejin.cn;访问http://192.168.1.128:8000主机名就是192.168.1.128
1. [1]请求行的主机名
请求地址中的主机名,如图请求地址为 http://localhost:81 ,那么 $host 值为 localhost
2. [2]请求头字段 Host 的值中的主机名
如图请求头 Host 值为 localhost:81,那 $host 值为 localhost
3. [3]与请求匹配的服务器名称
此时的 $host = $server_name , 比如 nginx 配置如下:
server {
listen 81;
server_name h5.juejin.cn locahost;
rewrite ^/(.*) https://$http_host/$1 redirect;
}
访问地址为 http://h5.juejin.cn:81 时,$server_name 值为 h5.juejin.cn
访问地址为 http://localhost:81 时,注意 $server_name 值还是为 h5.juejin.cn
$http_host 含义
请求头字段 Host 的值,既包含主机名[主机名],也包含端口
访问地址为 http://h5.juejin.cn:81 时,$http_host 值为 h5.juejin.cn:81
访问地址为 http://localhost:81 时,注意 $server_name 值还是为 h5.juejin.cn
如图请求头 Host 值为 localhost:81,那 $http_host 值为 localhost:81
1. 重定向
server {
listen 80;
server_name h5.juejin.cn;
location / {
if ($scheme = 'http'){
## 永久重定向至 https ; 需要注意到底使用 $host 还是 $http_host
return 301 https://$host$request_uri;
## 永久重定向至 https
rewrite ^(.*) https://$server_name$1 permanent;
## 临时重定向至 https
rewrite ^(.*) https://$server_name$1 permanent;
rewrite ^/(.*) /test/$1 redirect;
}
}
}
如何在同一个域名下访问测试版和正式版
使用场景:在微信公众号授权域名 h5.juejin.cn 下既可以访问正式版,也可以访问测试版 来一起增进功力啊✨
复制流量
## 配置在 location 域
location /api/weixin/portal{
mirror /mirror;
mirror_request_body on;
rewrite ^/api/(.*) /$1 break;
proxy_pass http://localhost:10012;
}
############ 复制微信回调到另一个服务器 ############
location = /mirror {
internal;
# rewrite ^/api/(.*) /$1 break;
# proxy_pass http://36.112.158.149:34568/api/weixin/portal/xxxxxx?signature=aaaa;
proxy_pass http://ip:34568$request_uri;
}
## 配置在 server 域
server {
listen 127.0.0.1:8080;
mirror_request_body off;
mirror /mirror1;
mirror /mirror2;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $remote_port;
proxy_http_version 1.0;
limit_req zone=req10k burst=1000;
location / {
proxy_pass http://up_server;
}
location = /mirror1 {
internal;
proxy_read_timeout 0;
proxy_connect_timeout 500ms;
proxy_pass http://up_mirror1$request_uri;
}
location = /mirror2 {
internal;
proxy_read_timeout 0;
proxy_connect_timeout 1s;
proxy_next_upstream off;
proxy_pass http://up_mirror2$request_uri;
}
}
upstream up_mirror1 {
server 127.0.0.1:998 weight=20 max_fails=0;
}
upstream up_mirror2 {
server 127.0.0.1:999 weight=20 max_fails=0;
}
