centos 7 配置nginx
安装nginx:
curl -o nginx.rpm http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
rpm -ivh nginx.rpm
yum install nginx
启动nginx:
systemctl start nginx
激活服务:
systemctl enable nginx
防火墙开放80端口:
firewall-cmd --zone=public --add-port=80/tcp --permanent
systemctl restart firewalld
修改nginx配置文件:
vi /etc/nginx/conf.d/default.conf
内容如下:
server { listen 80;
server_name domain.com www.domain.com;
location / {
proxy_pass http://localhost:9888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
proxy_set_header Connection "upgrade"; 表示支持websocket
nginx代理的websocket,如果1分钟内没有任何通讯,websocket会自动端口,所以可以考虑20秒做个心跳包,或者有个比较好的断开自动重连的机制
SELinux白名单:
yum install policycoreutils-python
sudo cat /var/log/audit/audit.log | grep nginx | grep denied | audit2allow -M mynginx
sudo semodule -i mynginx.pp
重启nginx:
nginx –s reload
浏览器输入:http://192.168.136.138/ ,正常访问9888端口的网站
server_name配置规则参考(支持正则表达式):
server_name domain.com www.domain.com;
server_name *.domain.com;
server_name www.*;
server_name ~^(?.+)\.domain\.com$;