tengine安装:linux安装tengine_a2589293499的博客-CSDN博客
一.常用命令
启动:nginx -c /usr/local/nginx/conf/nginx.conf
停止:nginx -s stop
测试配置文件:nginx -t
重新加载配置:nginx -s reload
二.常用配置
1.引入子配置
在http模块内最后一行加入代码,然后在/usr/local/nginx/conf/conf.d文件夹下加子配置文件
include /usr/local/nginx/conf/conf.d/*.conf;
2.配置静态资源
server {
listen 80;
server_name wssaa.com;
location /static-resources {
root /nginx-static;
add_header Access-Control-Allow-Origin *;
access_log logs/static-resources.access.log;
}
}
或
server {
listen 80;
server_name wssaa.com;
location /static-resources {
alias /nginx-static;
add_header Access-Control-Allow-Origin *;
access_log logs/static-resources.access.log;
}
}
3.配置后端app服务
server {
listen 80;
server_name wssaa.com;
location /newRetail {
proxy_pass http://retailGroup;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# $1代表正则中的第一个(), 表示/apis/test会改写为/test
location /apis {
rewrite ^/apis/(.*)$ /$1 break;
proxy_pass http://retailGroup;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
upstream retailGroup {
server 172.16.32.8:8080;
server 172.16.32.9:8080;
}
4.配置重定向
server {
listen 80;
server_name wssaa.com;
location /newRetail {
return 301 https://$server_name$request_uri;
}
}
5.配置https
参考:nginx配置ssl步骤及注意事项-linux平台_nginx配置ssl注意事项_a2589293499的博客-CSDN博客
6.配置websocket
server {
listen 80;
server_name wssaa.com;
location /wss {
proxy_pass http://websocket;
proxy_read_timeout 60s;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'Upgrade';
}
}
upstream websocket {
server 172.16.32.8:9081;
server 172.16.32.9:9081;
}
7.配置正向代理
tengine配置正向代理,其他内网机器通过代理访问外网_tengine-proxy_a2589293499的博客-CSDN博客
8.配置代理tcp协议应用,如mysql
#编译时候需要加入stream模块,参考:./configure --with-stream
#stream节点与http节点同级
stream {
server {
listen 3306;
proxy_connect_timeout 10s;
proxy_timeout 300s;
proxy_pass mysql;
}
upstream mysql {
hash $remote_addr consistent;
server 192.168.43.137:3306;
}
}
9.防止host头部攻击
server {
listen 80 default_server;
server_name _;
access_log off;
return 403;
}
10.配置错误页面跳转
proxy_intercept_errors on;
error_page 404 405 /404.html;
location = /404.html {
root /nginx-static;
}
11.
http {
proxy_buffer_size 128k;
proxy_buffers 32 128k;
proxy_busy_buffers_size 128k;
client_max_body_size 100m;
client_body_buffer_size 100m;
client_header_buffer_size 2m;
large_client_header_buffers 4 2m;
}