Nginx配置文件、Nginx配置https、Notepad高亮Nginx配置
1.配置文件
Linux下创建Nginx配置文件的软链接
# 软链接
ln -s 源文件 目标文件
# 示例: 映射/etc/nginx下的nginx.conf 到 /yang/config/nginx/nginx.conf (目标文件不需要预先创建)
ln -s /etc/nginx/nginx.conf /yang/config/nginx/nginx.conf
# 硬链接
ln 源文件 目标文件
关于软硬链接,可以看这些文章的讲解:linux的硬链接和软连接的区别、软硬链接文件、详解 Linux 中的硬链接与软链接。
1.1 HTTP
user nginx;
worker_processes auto;
pid /run/nginx.pid;
# 包含下方模块
include /usr/share/nginx/modules/*.conf;
# 错误日志
error_log /yang/logs/nginx/error.log;
events {
worker_connections 1024;
}
# http协议
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# access日志
access_log /yang/logs/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
# 80
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
# 80跳转
return 301 https://$host$request_uri;
}
# ssl
server {
#SSL 访问端口号为 443
listen 443 ssl;
#填写绑定证书的域名
server_name yang37.cn;
#证书文件名称
ssl_certificate /etc/nginx/key/ssl/yang37.cn_bundle.crt;
#私钥文件名称
ssl_certificate_key /etc/nginx/key/ssl/yang37.cn.key;
ssl_session_timeout 5m;
#请按照以下协议配置
ssl_protocols TLSv1.2 TLSv1.3;
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
#网站主页路径。此路径仅供参考,具体请您按照实际目录操作。
#例如,您的网站运行目录在/etc/www下,则填写/etc/www。
root html;
index index.html index.htm;
}
}
# ssl
server {
#SSL 访问端口号为 15673
listen 15673 ssl;
#填写绑定证书的域名
server_name yang37.cn;
#证书文件名称
ssl_certificate /etc/nginx/key/ssl/yang37.cn_bundle.crt;
#私钥文件名称
ssl_certificate_key /etc/nginx/key/ssl/yang37.cn.key;
ssl_session_timeout 5m;
#请按照以下协议配置
ssl_protocols TLSv1.2 TLSv1.3;
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:15672;
}
}
}
1.2 TCP
eg:利用Nginx代理Mysql
1.2.1 安装stream模块
yum install -y nginx-mod-stream
# 可以看到,下载了/usr/lib64/nginx/modules/ngx_stream_module.so文件;
1.2.2 使用stream模块
使用stream代理mysql
# 1.编辑nginx配置文件
vim /conf/nginx/nginx.conf
# 2.首行导入stream模块
load_module /usr/lib64/nginx/modules/ngx_stream_module.so;
# 3.使用nginx代理mysql
# TCP
stream{
upstream mysql{
# 提供的mysql服务器3306端口
server ip:3306;
}
server{
#监听的端口
listen 8888;
#连接超时时间
proxy_connect_timeout 10s;
#设置客户端和代理服务之间的超时时间,如果5分钟内没操作将自动断开。
proxy_timeout 300s;
# 代理mysql
proxy_pass mysql;
}
}
使用stream代理sftp
stream {
upstream sftp{
hash $remote_addr consistent;
server ip:57000;
}
server {
listen 57000;
proxy_connect_timeout 1s;
proxy_timeout 60s;
proxy_pass sftp;
}
}
1.2.3 重启/重载nginx
# 未启动的启动
nginx
# 启动了的重载
nginx -s reload
2.notepad高亮
设置notepad中高亮Nginx配置文件
<NotepadPlus>
<UserLang name="Nginx" ext="conf">
<Settings>
<Global caseIgnored="yes" escapeChar="\" />
<TreatAsSymbol comment="no" commentLine="yes" />
<Prefix words1="yes" words2="yes" words3="no" words4="no" />
</Settings>
<KeywordLists>
<Keywords name="Delimiters">000000</Keywords>
<Keywords name="Folder+">{</Keywords>
<Keywords name="Folder-">}</Keywords>
<Keywords name="Operators">' " * ; [ ] ^ ~ =</Keywords>
<Keywords name="Comment">1 1 2 2 0#</Keywords>
<Keywords name="Words1">$ CONTENT_ DOCUMENT_ GATEWAY_ HTTP_ HTTPS if_not_empty PATH_ QUERY_ REDIRECT_ REMOTE_ REQUEST_ SCGI SCRIPT_ SERVER_</Keywords>
<Keywords name="Words2">@</Keywords>
<Keywords name="Words3">http server events location include</Keywords>
<Keywords name="Words4">accept_mutex accept_mutex_delay access_log add_after_body add_before_body add_header addition_types aio alias allow ancient_browser ancient_browser_value auth auth_basic auth_basic_user_file auth_http auth_http_header auth_http_timeout autoindex autoindex_exact_size autoindex_localtime break charset charset_map charset_types chunked_transfer_encoding client_body_buffer_size client_body_in_file_only client_body_in_single_buffer client_body_temp_path client_body_timeout client_header_buffer_size client_header_timeout client_max_body_size connection_pool_size create_full_put_path daemon dav_access dav_methods debug_connection debug_points default_type deny devpoll_changes devpoll_events directio directio_alignment disable_symlinks empty_gif env epoll_events error_log error_page expires fastcgi_buffer_size fastcgi_buffers fastcgi_busy_buffers_size fastcgi_cache fastcgi_cache_bypass fastcgi_cache_key fastcgi_cache_lock fastcgi_cache_lock_timeout fastcgi_cache_methods fastcgi_cache_min_uses fastcgi_cache_path fastcgi_cache_purge fastcgi_cache_use_stale fastcgi_cache_valid fastcgi_connect_timeout fastcgi_hide_header fastcgi_ignore_client_abort fastcgi_ignore_headers fastcgi_index fastcgi_intercept_errors fastcgi_keep_conn fastcgi_max_temp_file_size fastcgi_next_upstream fastcgi_no_cache fastcgi_param fastcgi_pass fastcgi_pass_header fastcgi_read_timeout fastcgi_redirect_errors fastcgi_send_timeout fastcgi_split_path_info fastcgi_store fastcgi_store_access fastcgi_temp_file_write_size fastcgi_temp_path flv geo geoip_city geoip_country google_perftools_profiles gzip gzip_buffers gzip_comp_level gzip_disable gzip_http_version gzip_min_length gzip_proxied gzip_static gzip_types gzip_vary if if_modified_since ignore_invalid_headers image_filter image_filter_buffer image_filter_jpeg_quality image_filter_sharpen image_filter_transparency imap_capabilities imap_client_buffer include index internal ip_hash keepalive keepalive_disable keepalive_requests keepalive_timeout kqueue_changes kqueue_events large_client_header_buffers limit_conn limit_conn_log_level limit_conn_zone limit_except limit_rate limit_rate_after limit_req limit_req_log_level limit_req_zone limit_zone lingering_close lingering_time lingering_timeout listen location lock_file log_format log_format_combined log_not_found log_subrequest map map_hash_bucket_size map_hash_max_size master_process max_ranges memcached_buffer_size memcached_connect_timeout memcached_next_upstream memcached_pass memcached_read_timeout memcached_send_timeout merge_slashes min_delete_depth modern_browser modern_browser_value mp4 mp4_buffer_size mp4_max_buffer_size msie_padding msie_refresh multi_accept open_file_cache open_file_cache_errors open_file_cache_min_uses open_file_cache_valid open_log_file_cache optimize_server_names override_charset pcre_jit perl perl_modules perl_require perl_set pid pop3_auth pop3_capabilities port_in_redirect post_action postpone_output protocol proxy proxy_buffer proxy_buffer_size proxy_buffering proxy_buffers proxy_busy_buffers_size proxy_cache proxy_cache_bypass proxy_cache_key proxy_cache_lock proxy_cache_lock_timeout proxy_cache_methods proxy_cache_min_uses proxy_cache_path proxy_cache_use_stale proxy_cache_valid proxy_connect_timeout proxy_cookie_domain proxy_cookie_path proxy_headers_hash_bucket_size proxy_headers_hash_max_size proxy_hide_header proxy_http_version proxy_ignore_client_abort proxy_ignore_headers proxy_intercept_errors proxy_max_temp_file_size proxy_method proxy_next_upstream proxy_no_cache proxy_pass proxy_pass_error_message proxy_pass_header proxy_pass_request_body proxy_pass_request_headers proxy_read_timeout proxy_redirect proxy_redirect_errors proxy_send_lowat proxy_send_timeout proxy_set_body proxy_set_header proxy_ssl_session_reuse proxy_store proxy_store_access proxy_temp_file_write_size proxy_temp_path proxy_timeout proxy_upstream_fail_timeout proxy_upstream_max_fails random_index read_ahead real_ip_header recursive_error_pages request_pool_size reset_timedout_connection resolver resolver_timeout return rewrite root rtsig_overflow_events rtsig_overflow_test rtsig_overflow_threshold rtsig_signo satisfy satisfy_any secure_link_secret send_lowat send_timeout sendfile sendfile_max_chunk server server_name server_name_in_redirect server_names_hash_bucket_size server_names_hash_max_size server_tokens set set_real_ip_from smtp_auth smtp_capabilities so_keepalive source_charset split_clients ssi ssi_silent_errors ssi_types ssi_value_length ssl ssl_certificate ssl_certificate_key ssl_ciphers ssl_client_certificate ssl_crl ssl_dhparam ssl_engine ssl_prefer_server_ciphers ssl_protocols ssl_session_cache ssl_session_timeout ssl_verify_client ssl_verify_depth starttls stub_status sub_filter sub_filter_once sub_filter_types tcp_nodelay tcp_nopush timeout timer_resolution try_files types types_hash_bucket_size types_hash_max_size underscores_in_headers uninitialized_variable_warn upstream use user userid userid_domain userid_expires userid_name userid_p3p userid_path userid_service valid_referers variables_hash_bucket_size variables_hash_max_size worker_connections worker_cpu_affinity worker_priority worker_processes worker_rlimit_core worker_rlimit_nofile worker_rlimit_sigpending working_directory xclient xml_entities xslt_entities xslt_stylesheet xslt_types</Keywords>
</KeywordLists>
<Styles>
<WordsStyle name="DEFAULT" styleID="11" fgColor="000000" bgColor="FFFFFF" colorStyle="1" fontName="" fontStyle="0" />
<WordsStyle name="FOLDEROPEN" styleID="12" fgColor="0000AA" bgColor="FFFFFF" colorStyle="1" fontName="" fontStyle="1" />
<WordsStyle name="FOLDERCLOSE" styleID="13" fgColor="0000AA" bgColor="FFFFFF" colorStyle="1" fontName="" fontStyle="1" />
<WordsStyle name="KEYWORD1" styleID="5" fgColor="AA00AA" bgColor="FFFFFF" colorStyle="1" fontName="" fontStyle="0" />
<WordsStyle name="KEYWORD2" styleID="6" fgColor="0000FF" bgColor="FFFFFF" colorStyle="1" fontName="" fontStyle="1" />
<WordsStyle name="KEYWORD3" styleID="7" fgColor="0000AA" bgColor="FFFFFF" colorStyle="1" fontName="" fontStyle="1" />
<WordsStyle name="KEYWORD4" styleID="8" fgColor="AA0000" bgColor="FFFFFF" colorStyle="1" fontName="" fontStyle="0" />
<WordsStyle name="COMMENT" styleID="1" fgColor="000000" bgColor="FFFFFF" colorStyle="0" fontName="" fontStyle="0" />
<WordsStyle name="COMMENT LINE" styleID="2" fgColor="00AA2D" bgColor="FFFFFF" colorStyle="1" fontName="" fontStyle="2" />
<WordsStyle name="NUMBER" styleID="4" fgColor="000000" bgColor="FFFFFF" colorStyle="0" fontName="" fontStyle="0" />
<WordsStyle name="OPERATOR" styleID="10" fgColor="000000" bgColor="FFFFFF" colorStyle="0" fontName="" fontStyle="0" />
<WordsStyle name="DELIMINER1" styleID="14" fgColor="000000" bgColor="FFFFFF" colorStyle="0" fontName="" fontStyle="0" />
<WordsStyle name="DELIMINER2" styleID="15" fgColor="000000" bgColor="FFFFFF" colorStyle="0" fontName="" fontStyle="0" />
<WordsStyle name="DELIMINER3" styleID="16" fgColor="000000" bgColor="FFFFFF" fontName="" fontStyle="0" />
</Styles>
</UserLang>
</NotepadPlus>
复制后随便存个名字,eg: nginx_language.xml