切換到目錄/usr/local/nginx/sbin,/usr/local為nginx的默認安裝目錄
#啟動 ./nginx #查看命令幫助 ./nginx -h 驗證配置文件狀態 ./nginx -t #編輯配置文件 vim /usr/local/nginx/conf/nginx.conf
# 重新載入配置文件
./nginx -s reload
# 重啟 Nginx
./nginx -s reopen
# 停止 Nginx
./nginx -s stop(quit)
下面是nginx配置文件的詳解參考:
https://www.cnblogs.com/liang-wei/p/5849771.html
https://www.cnblogs.com/xuey/p/7631690.html
https://blog.csdn.net/jackliu16/article/details/79444327
#user nobody; #nginx進程數,建議設置為等於CPU總核心數 worker_processes 1;
#全局錯誤日志定義類型,[ debug | info | notice | warn | error | crit ] #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info;
#進程文件 #pid logs/nginx.pid; #工作模式與連接數上限 events { #參考事件模型,use [ kqueue | rtsig | epoll | /dev/poll | select | poll ]; epoll模型是Linux 2.6以上版本內核中的高性能網絡I/O模型,如果跑在FreeBSD上面,就用kqueue模型。
#use epoll; #單個進程最大連接數(最大連接數=連接數*進程數) worker_connections 1024; } #設定http服務器 http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; #==客戶端鏈接超時時間 keepalive_timeout 65;
#開啟gzip壓縮功能 #gzip on; #當配置多個server節點時,默認server names的緩存區大小就不夠了,需要手動設置大一點 server_names_hash_bucket_size 512; #server表示虛擬主機可以理解為一個站點,可以配置多個server節點搭建多個站點 #每一個請求進來確定使用哪個server由server_name確定 server { #監聽端口 listen 8800; #域名可以有多個,用空格隔開 server_name localhost; #編碼格式,避免url參數亂碼 charset utf-8; #access_log logs/host.access.log main; #location用來匹配同一域名下多個URI的訪問規則 #比如動態資源如何跳轉,靜態資源如何跳轉等 #location后面跟着的/代表匹配規則 location / { #站點根目錄,可以是相對路徑,也可以使絕對路徑 root html; #默認主頁 index index.html index.htm; #轉發后端站點地址,一般用於做軟負載,輪詢后端服務器 #proxy_pass http://10.11.12.237:8080; #拒絕請求,返回403,一般用於某些目錄禁止訪問 #deny all; #允許請求 #allow all; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; #重新定義或者添加發往后端服務器的請求頭 #給請求頭中添加客戶請求主機名 proxy_set_header Host $host; #給請求頭中添加客戶端IP proxy_set_header X-Real-IP $remote_addr; #將$remote_addr變量值添加在客戶端“X-Forwarded-For”請求頭的后面,並以逗號分隔。 如果客戶端請求未攜帶“X-Forwarded-For”請求頭,$proxy_add_x_forwarded_for變量值將與$remote_addr變量相同 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #給請求頭中添加客戶端的Cookie proxy_set_header Cookie $http_cookie; #將使用代理服務器的主域名和端口號來替換。如果端口是80,可以不加。 proxy_redirect off; #瀏覽器對 Cookie 有很多限制,如果 Cookie 的 Domain 部分與當前頁面的 Domain 不匹配就無法寫入。 #所以如果請求 A 域名,服務器 proxy_pass 到 B 域名,然后 B 服務器輸出 Domian=B 的 Cookie, #前端的頁面依然停留在 A 域名上,於是瀏覽器就無法將 Cookie 寫入。 #不僅是域名,瀏覽器對 Path 也有限制。我們經常會 proxy_pass 到目標服務器的某個 Path 下, #不把這個 Path 暴露給瀏覽器。這時候如果目標服務器的 Cookie 寫死了 Path 也會出現 Cookie 無法寫入的問題。 #設置“Set-Cookie”響應頭中的domain屬性的替換文本,其值可以為一個字符串、正則表達式的模式或一個引用的變量 #轉發后端服務器如果需要Cookie則需要將cookie domain也進行轉換,否則前端域名與后端域名不一致cookie就會無法存取 #配置規則:proxy_cookie_domain serverDomain(后端服務器域) nginxDomain(nginx服務器域) proxy_cookie_domain localhost .testcaigou800.com; #取消當前配置級別的所有proxy_cookie_domain指令 #proxy_cookie_domain off; #與后端服務器建立連接的超時時間。一般不可能大於75秒; proxy_connect_timeout 30; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } #當需要對同一端口監聽多個域名時,使用如下配置,端口相同域名不同,server_name也可以使用正則進行配置 #但要注意server過多需要手動擴大server_names_hash_bucket_size緩存區大小 server { listen 80; server_name www.abc.com; charset utf-8; location / { proxy_pass http://localhost:10001; } } server { listen 80; server_name aaa.abc.com; charset utf-8; location / { proxy_pass http://localhost:20002; } } }
我們項目只用了方向代理的功能,使用實例:
#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; client_max_body_size 2000m; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 600; fastcgi_connect_timeout 600; fastcgi_send_timeout 600; fastcgi_read_timeout 600; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; #gzip on; server { listen 7000; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # }; #} upstream tomcate_server{ server 10.xx.xx.248:6800; } server { listen 8000; server_name localhost; location /api/sr_firewall { proxy_redirect off; proxy_pass http://10.xx.xx.248:8005; } location /user_manager { proxy_redirect off; proxy_pass http://10.xx.xx.248:8010; } location /sr_network/v2 { proxy_redirect off; proxy_pass http://127.0.0.1:8004; } location /sr_sys { proxy_redirect off; proxy_pass http://10.xx.xx.248:8010; } location /sr_dev_manager { proxy_redirect off; proxy_pass http://10.xx.xx.248:8010; } location /sr_public { proxy_redirect off; proxy_pass http://10.xx.xx.248:8010; } location /sr_fire { proxy_redirect off; proxy_pass http://10.xx.xx.248:8010; } location /sr_device_automation { proxy_redirect off; proxy_pass http://10.xx.xx.248:8010; } location /sr_script { proxy_redirect off; proxy_pass http://10.xx.xx.248:8010; } location /sr_network { proxy_redirect off; proxy_pass http://10.xx.xx.248:8010; } location /sr_f5_manage { proxy_redirect off; proxy_pass http://10.xx.xx.248:8007; } location /api/sr_f5_manager { proxy_redirect off; proxy_pass http://10.xx.xx.248:8007; } location /sr_ip { proxy_redirect off; proxy_pass http://10.xx.xx.248:18012; } location /sr_data_collection { proxy_redirect off; proxy_pass http://10.xx.xx.248:8011; } location /api/v1/sunrun/data_collection { proxy_redirect off; proxy_pass http://10.xx.xx.248:8011; } location / { proxy_pass http://tomcate_server; } location /.(html|js|css|png|gif|scss)$ { root E:\auto-apache-tomcat-8.5.28\webapps\sr_centre; } } # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} }
proxy_redirect的作用和配置方法:
https://bluedest.iteye.com/blog/740302