强大的WEB服务器-Nginx
今天跟我一起折腾一下nginx服务器,首先简单介绍一下nginx服务器
NGINX官网
NGINX
nginx作为web服务器,可以使用反向代理、负载均衡、邮件代理;大多数使用nginx的场景是反向代理和负载均衡
背景介绍
vue+springboot项目
http转变https
有一个端口做转接,反向代理不同后段端口
完整的nginx.conf配置文件如下,添加注释的地方基本都需要根据自己的场景相对应的修改
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
# 关闭服务器版本信息
server_tokens off;
# 负载,此处做的不同服务器8081的负载
upstream upserver {
server tomcat1:8081;
server tomcat2:8081;
}
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 80;
server_name 域名;
#此处做if判断,拦截所有非域名访问的url,返回403;此处配置方式是拦截所有url放行域名的配置方式之一
if ($host != '域名'){
return 403;
}
ssl on;
root /www;
index index.nginx-debian.html index.html index.htm;
ssl_certificate test.com.pem;# 生成的ssl.pem
ssl_certificate_key test.com.key;# 生成的ssl.key
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /{
index index.html;
try_files $uri $uri/ /index.html;
}
}
server {
listen 8230;
server_name 域名;
if ($host != '域名'){
return 403;
}
# 开启ssl
ssl on;
root /www;
index index.nginx-debian.html index.html index.htm;
ssl_certificate test.com.pem; # ssl.pem
ssl_certificate_key test.com.key;# ssl.pem
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /{
index index.html;
# 防止vue 项目history模式下刷新页面404
try_files $uri $uri/ /index.html;
}
# 针对/ws url开头的做特殊处理
location /ws {
proxy_pass http://upserver;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $Server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
# 配置websocket使用的请求头
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# 针对/api开头的url做特殊处理
location /api {
proxy_pass http://apiserver;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $Server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
}
技术点
反向代理
location /ws {
#反向代理地址 此处ddupserver是上方配置的负载均衡服务器
proxy_pass http://upserver;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $Server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
# 配置websocket使用的请求头
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
ssl证书
server节点中配置我们生成证书的路径,可以是绝对路径
ssl_certificate test.com.pem; # ssl.pem
ssl_certificate_key test.com.key;# ssl.pem
websocket链接nginx配置
# 配置websocket使用的请求头
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
websocket链接,https
前端链接websocket要使用wss://
不能使用ws://
vue项目history模式使用nginx部署404
vue官方解决方案
location /{
index index.html;
try_files $uri $uri/ /index.html;
}
-----------------------------END--------------------------------------
关注微信公众号获取最新文章
原文地址
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 周边上新:园子的第一款马克杯温暖上架
· Open-Sora 2.0 重磅开源!
· 分享 3 个 .NET 开源的文件压缩处理库,助力快速实现文件压缩解压功能!
· Ollama——大语言模型本地部署的极速利器
· DeepSeek如何颠覆传统软件测试?测试工程师会被淘汰吗?