1.主配置/etc/nginx.conf

#/etc/nginx/nginx.conf 

user nginx;

worker_processes auto;

error_log /var/log/nginx/error.log;

pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.

include /usr/share/nginx/modules/*.conf;

events {

    worker_connections 1024;

}

http {

#    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

#                      '$status $body_bytes_sent "$http_referer" '

#                      '"$http_user_agent" "$http_x_forwarded_for"';

    log_format  main  '[$time_iso8601] $remote_addr "$request" '

                      '$status $request_time $body_bytes_sent "$http_referer" '

                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    gzip                on;

    gzip_comp_level     6;

    gzip_min_length     1024;

    gzip_types          *;

    sendfile            on;

    tcp_nopush          on;

    tcp_nodelay         on;

    keepalive_timeout   65;

    types_hash_max_size 2048;

    proxy_headers_hash_max_size 1024;

    proxy_headers_hash_bucket_size 512;

    server_names_hash_bucket_size 512;

    include             /etc/nginx/mime.types;

    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.

    # See http://nginx.org/en/docs/ngx_core_module.html#include

    # for more information.

    include /etc/nginx/conf.d/*.conf;

    include /etc/nginx/vhosts/*.conf;

}

2.网站配置

# /etc/nginx/vhosts/my.domain.com.conf

server {

    listen ;

    server_name my.domain.com;

    return  https://$host$request_uri;

    access_log  /var/log/nginx/my.domain.com.access.log  main;

    error_log   /var/log/nginx/my.domain.com.error.log;

    location / {

         proxy_pass http://localhost:3031/;

         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

         proxy_set_header X-Forwarded-Proto $scheme;

         proxy_set_header X-Forwarded-Port $server_port;

    }

    location /static/ {

        alias /var/www/my.domain.com/static/;

        autoindex off;

    }

    location /.well-known/ {

        alias /var/www/my.domain.com/.well-known/;

        autoindex off;

    }

}

server {

    listen        ssl;

    server_name  my.domain.com;

    access_log  /var/log/nginx/my.domain.com.access.log  main;

    error_log   /var/log/nginx/my.domain.com.error.log;

    ssl_certificate "/root/.getssl/my.domain.com/my.domain.com.chain.crt";

    ssl_certificate_key "/root/.getssl/my.domain.com/my.domain.com.key";

    ssl_session_cache shared:SSL:20m;

    ssl_session_timeout 60m;

    ssl_protocols TLSv1 TLSv1. TLSv1.;

    ssl_prefer_server_ciphers on;

    ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";

    location / {

         proxy_pass http://localhost:3031/;

         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

         proxy_set_header X-Forwarded-Proto $scheme;

         proxy_set_header X-Forwarded-Port $server_port;

    }

    # proxy pass php

   location ~ \.php$ {

       fastcgi_pass   127.0.0.1:;

       proxy_set_header X-Forwarded-For $remote_addr;

       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

       proxy_set_header Host $host;

       fastcgi_index  index.php;

       fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;

       include        fastcgi_params;

   }

    location /static/ {

        alias /var/www/my.domain.com/static/;

        autoindex off;

    }

    location /.well-known/ {

        alias /var/www/my.domain.com/.well-known/;

        autoindex off;

    }

    location ~* \.html$ {

        root /var/www/my.domain.com/;

        autoindex off;

    }

    location /robots.txt {

        root /var/www/my.domain.com/;

        autoindex off;

    }

}

最新文章

  1. niginx代理配置
  2. 面积(area)
  3. logrotate机制与原理[转载]
  4. [译]ABP框架使用AngularJs,ASP.NET MVC,Web API和EntityFramework构建N层架构的SPA应用程序
  5. python基础——匿名函数
  6. Atitit.web三大编程模型 Web Page Web Forms 和 MVC
  7. event 对象 小记
  8. Java正常关闭资源的方式
  9. Oracle 11g 执行计划管理1
  10. hdu 5437 Alisha’s Party 优先队列
  11. Java判断字符串是中文还是英文
  12. python的__init__几种方法总结
  13. python+flask+session写供前端使用的后台接口,实现登录保存session时报错。
  14. stm32之中断配置
  15. [转]分别使用Node.js Express 和 Koa 做简单的登录页
  16. macOS下MySQL 8.0 安装与配置教程
  17. Evaluation map and reflexive space
  18. boost学习 泛型编程之traits 学习
  19. oracle查询数据字典的sql
  20. No.15 selenium for python JavaScript

热门文章

  1. @常见的远程服务器连接工具:Xshell与secureCRT的比较!!!(对于刚接触的测试小白很有帮助哦)
  2. 进程,线程,Event Loop(事件循环),Web Worker
  3. 开源一个使用python和pyQT实现的产测工具
  4. idea新建springboot项目
  5. 波兰政府在继韩国之后也增加了对 Linux 的使用
  6. vue新窗口跳转路由
  7. 简说Python之flask-SQLAlchmey的web应用
  8. css报模块没找到 分析思路 从后往前找,先定位最后blue.less 解决:iview升级4.0 css没改导致编译不过去
  9. Jupyter NoteBook 系列之 安装启动和常用设置
  10. Http报文和Request和Response的常用方法