https://blog.csdn.net/z920954494/article/details/52132125
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
--with-http_v2_module --with-http_realip_module --with-stream --with-stream_ssl_module
# 安装到/usr/local/nginx目录 启用ssl 支持http2 启用real ip 用来实现四层协议的转发 代理 或负载均衡等 用于流代理服务器与ssl/tls 协议工作必要的支持
make
make install
使用systemctl接管nginx
vim /etc/systemd/system/nginx.service
# 保存下面的值
[Unit]
Description=nginx - high performance web server
After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
[Install]
WantedBy=multi-user.target
刷新 systemctl 查看nginx状态
systemctl daemon-reload
systemctl status nginx
nginx 配置 测试服务
upstream strategyService{
server 127.0.0.1:8101;
server 127.0.0.1:8102;
server 127.0.0.1:8103;
server 127.0.0.1:8104;
}
proxy_next_upstream error;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location /strategyService{
real_ip_header X-Forwarded-For;
rewrite ^/strategyService/(.*)$ /$1 break;
proxy_pass http://strategyService;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
nginx 配置证书
upstream ssService {
server 127.0.0.1:8000;
server 127.0.0.1:8001;
server 127.0.0.1:8002;
server 127.0.0.1:8003;
}
server {
listen 443;
server_name nsquant.com;
#charset koi8-r;
#access_log logs/host.access.log main;
ssl on;
ssl_certificate /usr/local/nginx/conf/cert/2608100_www.nsquant.com.pem;
ssl_certificate_key /usr/local/nginx/conf/cert/2608100_www.nsquant.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /myServices/web_nsj;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
#error_page 404 /404.html;
location /strategyShop {
real_ip_header X-Forwarded-For;
rewrite ^/strategyShop/(.*)$ /$1 break;
proxy_pass http://ssService;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
}
}
server {
listen 80;
server_name nsquant.com;
rewrite ^(.*)$ https://$host$1 permanent;
}