文章详细描述了如何在Linux系统上配置Web服务器,包括指定不同站点的IP地址、默认访问目录,以及为登录站点设置强制HTTPS并配置SSL证书。还涉及DNS记录和基本的文件结构管理。
搭建web服务器要求如下:
1.web服务器的主机ip:172.25.254.100
2.web服务器的默认访问目录为/var/www/html
默认发布内容为default‘s page
3.站点news.timinglee.org默认发布目录为/var/www/virtual/timinglee.org/news
默认发布内容为 news.timinglee.org
4.站点login.timinglee.org在被访问时必须强制走加密协议,其默认发布目录为/var/www/virtual/timinglee.org/login
默认发布内容为login.timinglee.org
[root@webserver ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.100 netmask 255.255.255.0 broadcast 172.25.254.255
[root@webserver ~]# vim /etc/nginx/nginx.conf
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
listen [::]:80;
server_name _;
root /var/www/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
include /usr/share/nginx/modules/*.conf;
[root@webserver nginx]# vim /etc/nginx/conf.d/vhosts.conf
server {
listen 80;
server_name news.timinglee.org;
root /var/www/virtual/timinglee.org/news;
index index.html;
}
server {
listen 80;
server_name login.timinglee.org;
rewrite ^/(.*)$ https://login.timinglee.org/$1 permanent;
}
server {
listen 443 ssl;
server_name login.timinglee.org;
ssl_certificate "/etc/nginx/certs/timinglee.org.crt";
ssl_certificate_key "/etc/nginx/certs/timinglee.org.key";
root /var/www/virtual/timinglee.org/login;
index index.html;
}
[root@webserver nginx]# mkdir certs
[root@webserver certs]# openssl req -newkey rsa:2048 -nodes -sha256 -keyout /etc/nginx/certs/timinglee.org.key -x509 -days 365 -out /etc/nginx/certs/timinglee.org.crt
...+.....+.+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+.....+.........+..................+...+....+..+...+............+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.....................+...+..+...+..........+......+.....+....+...+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
...+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+......+..........+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.........+.......+..+.+...........+...............+...+.............+.....+..................+.........+...+.........+.........+............+....+...+......+............+..+.......+...+..+.+.....+...+.+..............+........................+......+............+.......+...+........+......+...+......+.+...+..+......+...+.+..............................+...+..+....+..+.............+..+.........+...+.............+...+...........+......+...+.......+...+...........+...+...+.............+..+...+....+.....+.+.....+.+........+.......+......+..+.+..............+...+....+......+............+...+............+.....+.+.........+......+..+.........+....+......+...........+.......+..+...+...+.......+..+....+............+.........+...+......+.........+.....+......+.+...+...+.................+...............+......+.+.....+................+..+...............+.+..+...+....+............+.........+.....+.+........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:CN
State or Province Name (full name) []:Shanxi
Locality Name (eg, city) [Default City]:XI'an
Organization Name (eg, company) [Default Company Ltd]:timinglee
Organizational Unit Name (eg, section) []:webserver
Common Name (eg, your name or your server's hostname) []:www.timinglee.org
Email Address []:admin@timinglee.org
[root@webserver html]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.100 server100.timinglee.org news.timinglee.org login.timinglee.org
[root@webserver html]# nmcli connection reload
[root@webserver nginx]# mkdir -p /var/www/html
[root@webserver html]# vim index.html
default‘s page
[root@webserver html]# mkdir -p /var/www/virtual/timinglee.org/news
[root@webserver news]# vim index.html
news.timinglee.org
[root@webserver news]# mkdir /var/www/virtual/timinglee.org/login
[root@webserver login]# vim index.html
login.timinglee.org
测试:
[root@webserver html]# curl 172.25.254.100
default‘s page
[root@webserver news]# curl news.timinglee.org
news.timinglee.org
5423
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
