nginx_2_web服务配置

nginx:
    server{} : 虚拟主机

    location [ = | ~ | ~* | ^~ ] URI {...} :
       
       location URI {}:
         对当前路径及子路径下的所有对象都生效
       
       location = URI {}:
         精确匹配指定的路径，不包括子路径，只对当前资源生效
       
       location ~ | ~* URI {}:
         使用正则表达式，~区分大小写，~*不区分大小写

       location ^~ URI {}:
         不使用正则表达式

       优先级: = --> ^~ --> ~,~* --> " "
         
       

    


    httpd:
      基于本地文件路径
       <DocumentRoot "">

       </DocumentRoot>
      
      基于URI
       <Location "/bbs">

       </Location>





nginx.conf

worker_processes  2;    #定义worker进程的个数

events {
    worker_connections  1024;  
}                       #定义每个worker进程的最大连接数为1024个


http {
    include        mime.types;                   #指定包含的文件
    default_type   application/octet-stream;     #默认支持的类型

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on; #nagle算法

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;          #是否进行压缩后再发送

# HTTP Server

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   /var/www/html;
            index  index.html;
           }

        location = /bbs.html {
            root   /var/www/bbs;
        allow 192.168.21.85;
            deny all;
        auth_basic    "The authentication"
        auth_basic_user_file /usr/local/nginx/.user
            
#创建用户验证文件
#[root@nginx html]# htpasswd -c -m /usr/local/nginx/.user hale
#New password:
#Re-type new password:
#Adding password for user hale

#增加一个用户test
#[root@nginx html]# htpasswd -m /usr/local/nginx/.user test
           }


#定义一个状态检测
        location /status {
            stub_status on;
            access_log off;
            allow 192.168.21.85;
            deny all;
           }


        
    error_page  404              /404.html;
        location = /404.html {
              root   html;
             }

        error_page   500 502 503 504  /50x.html;
            location = /50x.html {
              root   html;
            }

    
# HTTPS server

    server {
         listen       443;
         server_name  localhost;

         ssl                  on;
         ssl_certificate      /etc/nginx/ssl/nginx.crt;
         ssl_certificate_key  /etc/nginx/ssl/nginx.key;

         ssl_session_cache    shared:SSL:1m;
         ssl_session_timeout  5m;

         ssl_ciphers  HIGH:!aNULL:!MD5;
         ssl_prefer_server_ciphers  on;

         location / {
            root   /var/ssl;
            index  index.html index.htm;
           }

#创建SSL需要的证书CA
# [root@nginx ~]# mkdir /etc/nginx/ssl
# [root@nginx ~]# vim /etc/pki/tls/openssl.cnf   #修改dir = /etc/pki/CA
# [root@nginx ~]# cd /etc/pki/CA/
# [root@nginx CA]# (umask 077; openssl genrsa 2048 > private/cakey.pem)
# [root@nginx CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem
# [root@nginx CA]# echo 01 >serial
# [root@nginx CA]# touch index.txt
# [root@nginx CA]# ls

# [root@nginx CA]# cd /etc/nginx/ssl/
# [root@nginx ssl]# (umask 077; openssl genrsa 1024 > nginx.key)
# [root@nginx ssl]# openssl req -new -key nginx.key -out nginx.csr
# [root@nginx ssl]# openssl ca -in nginx.csr -out nginx.crt -days 3650

        }
       
   }