Nignx

138 阅读1分钟

1、Nginx-Https域名配置


server {

        listen 443 ssl;
        server_name 域名;
        # 改成你的证书的名字
        ssl_certificate  证书完整路径【若在容器中,填写容器路径】.pem;
        # 你的证书的名字
        ssl_certificate_key 证书完整路径【若在容器中,填写容器路径】.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
    
    location / {

        root /usr/share/nginx/html;
        index index.html;
    }

}

server {
    listen 80;
    #填写证书绑定的域名
    server_name 域名;
    #将所有HTTP请求通过rewrite指令重定向到HTTPS。
    rewrite ^(.*)$ https://域名$1;
}

2、nginx 不同域名绑定同一个端口

新建配置文件 域名一.conf


server {

    listen 80;
    server_name 域名一;
    
    location / {
        root  /usr/share/nginx/html;
        index index.html;
    }

}

新建配置文件 域名二.conf


server {

    listen 80;
    server_name 域名二;
    
    location / {
        root  /usr/share/nginx/html;
        index index.html;
    }

}

3、负载均衡配置

upstream test-server {
    # 分配给连接数最小的服务器
    least_conn;

    server ip:port max_fails=3;
    server ip:port max_fails=3;
    server ip:port max_fails=3;
    
    keepalive 300;
    keepalive_timeout 60s;
}

server {

    listen       80;
    listen       443 ssl;
    server_name  域名;
    underscores_in_headers on;

    ssl_certificate      **.pem;
    ssl_certificate_key  **.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers  on;

    location / {
        root /usr/share/nginx/html;
        index index.html;
    }

    # 接口代理
    location /server-api {
        proxy_set_header   Host $host:$server_port;
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_connect_timeout 60;
        proxy_read_timeout 600;
        proxy_pass http://test-server;
    }
}

4、前端history代理

    location / {
        root /usr/share/nginx/html;
        index index.html;
        try_files $uri $uri/ /index.html;
    }