1.安装nginx
安装完成后检查
nginx -V
2.申请证书与上传
阿里云申请免费的证书 然后上传到某个目录
3.修改nginx配置
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 443 ssl;
server_name xxx.cn;
ssl_certificate /home/web/ssl/xxx.pem;
ssl_certificate_key /home/web/ssl/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
if ($host = xxx.cn) {
proxy_pass http://xxx.cn:9000;
}
proxy_pass http://xxx.cn:8080;
}
}
server {
listen 443 ssl;
server_name driver.xxx.cn;
# 这里证书不同
ssl_certificate /home/web/ssl/driver.xxx.cn.pem;
ssl_certificate_key /home/web/ssl/driver.xxx.cn.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://xxx:8080;
}
}
server {
listen 80;
server_name xxx.cn;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 80;
server_name driver.xxx.cn;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 8080;
server_name xxx.cn;
root /home/web/sys-flower/sys-app/;
location / {
# root html;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location /blog/ {
proxy_pass https://blog.secretgardenrose.com/;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
server {
listen 9000;
server_name xxx.cn;
root /home/web/sys-flower/sys-vue/;
location / {
# root html;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
}