nginx学习记录【二】nginx跟.net core结合,实现一个域名访问多个.net core应用
1、实现转发
打开conf下的nginx.conf文件,如下图:
2、添加.net core网站的转发
按下面的进行修改,修改完后,就把localhost的80转发到了https://localhost:5004的.net core应用上了。
server { listen 80; server_name localhost; location / { proxy_pass https://localhost:5004; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
3、同一个端口下添加多个.net core应用
设置完后,就可以通过 localhost:83 访问 https://localhost:5004的网站,通过localhost:83/api 访问https://localhost:44378的网站
server { listen 83; server_name localhost; location / { proxy_pass https://localhost:5004; } location ^~/api/ { proxy_pass https://localhost:44378/; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
注意二级目录转的时候,子目录后面要有斜扛,转发的那个地址后面也要有斜扛,如下:
location /data/ { proxy_pass https://localhost:5006/; }
4、同一个端口,多个域名的支持
server { listen 80; server_name www.aaa.com; location / { proxy_pass http://localhost:8081; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } server { listen 80; server_name www.bbb.com; location / { proxy_pass http://localhost:8082; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
5、实现https支持
server { listen 443 ssl; server_name localhost; ssl_certificate ..\ssl\5859212_www.aaa.com.pem; ssl_certificate_key ..\ssl\5859212_www.aaa.com.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; location / { proxy_pass http://localhost:8081; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
如果想实现http自动跳转到https,可以再加一个server,如下:
server { listen 80; server_name localhost; rewrite ^(.*) https://$server_name$1 permanent; }
6、在IdentityServer4中的使用
如果想在identityserver4里使用必须加上下面的逻辑
location / { proxy_pass https://localhost:5005; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect off; proxy_buffering off; expires 0; }
