Nginx的那些事
跳到导航
跳到搜索
目录
symbolic
有意思的 include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; root@debian:/etc/nginx/sites-enabled# pwd /etc/nginx/sites-enabled root@debian:/etc/nginx/sites-enabled# file default default: symbolic link to /etc/nginx/sites-available/default
nginx conf
80 443 共存
server { listen 80; listen 443 ssl; server_name www.iamle.com; index index.html index.htm index.php; root /home/wwwroot/www.iamle.com/; #ssl on; 这里要注释掉 ssl_certificate /usr/local/nginx/conf/ssl/www_iamle_com.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/www_iamle_com.key; #以下配置省略 }
sns 线上
cat www.cai.net.conf upstream proxy_node_nuxt.net { #fair; #ip_hash; #hash $clientRealIp; #server 176.24.18.94:3333 weight=1 max_fails=2 fail_timeout=10s ; #old #server 172.16.200.14:3333 weight=1 max_fails=2 fail_timeout=10s; } server { listen 80; listen [::]:80; #listen 443 ssl http2; #listen [::]:443 ssl http2; server_name www.cai.net cai.net; # return 301 https://www.cai.net$request_uri; rewrite ^(.*)$ https://$host$1 permanent; } server { listen 443 ssl http2; listen [::]:443 ssl http2; # listen 443 ssl; server_name www.cai.net cai.net; # if ( $host = 'www.cai.net' ) { # rewrite ^/(.*)$ https://www.cai.net/$1 permanent; # } if ( $host = 'cai.net' ) { rewrite ^/(.*)$ https://www.cai.net/$1 permanent; } root /data/www/www.cai.net; index index.html index.htm; ssl_certificate /etc/nginx/ssl/cai.net.crt; ssl_certificate_key /etc/nginx/ssl/cai.net.key; #by evan # if ($scheme = http) { # return 301 https://$server_name$request_uri; # } #by evan location ~ /360_ssp_verify\.txt { root /var/www; } location /nginx_status { stub_status on; access_log off; allow 183.6.50.25; allow 39.104.176.12; allow 45.114.170.162; allow 127.0.0.1; deny all; } location /download/ { root /var/www; } location ^~ /.well-known/pki-validation/ { alias /var/www/pki-validation/; log_not_found off; } merge_slashes off; rewrite ^([^.]*?\/)\/+(.*)$ $1$2 permanent; location / { proxy_pass http://proxy_node_nuxt.net; } ##evan # 去html rewrite ^/(.+)\.html /$1 last; # rewrite ^/info/$ /info/alerts/ last; error_log /var/log/nginx/www.cai.net.error.log; access_log /var/log/nginx/www.cai.net.access.log; # include /etc/nginx/sites-available/blockips.conf; }
下载站
cat manage.88.com.conf server { listen 80; server_name manage.88.com; rewrite ^/(.*)$ https://manage.88.com:443/$1 permanent; access_log /data/wwwlogs/application-management_nginx.log combined; index index.php index.html; root /home/containers_data/nginx/wwwroot/application-management/public; #error_page 404 /404.html; #error_page 502 /502.html; #location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ { # valid_referers none blocked *.bidd.pro manage.88.com; # if ($invalid_referer) { # return 403; # } #} location / { try_files $uri $uri/ /index.php$is_args$args; } location ~ \.php$ { root /var/www/application-management/public; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ { expires 30d; access_log off; } location ~ .*\.(js|css)?$ { expires 7d; access_log off; } location ~ /\.ht { deny all; } } server { listen 443 ssl; server_name manage.88.com; # ssl on; ssl_certificate /usr/local/nginx/conf/ssl/STAR.88.com.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/STAR.88.com.key; # ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; # ssl_certificate /usr/local/nginx/conf/ssl/STAR.88.com.crt; # ssl_certificate_key /usr/local/nginx/conf/ssl/STAR.88.com.key; # ssl_session_timeout 5m; # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; # ssl_prefer_server_ciphers on; access_log /data/wwwlogs/application-management_nginx.log combined; index index.php index.html; root /home/containers_data/nginx/wwwroot/application-management/public; #error_page 404 /404.html; #error_page 502 /502.html; #location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ { # valid_referers none blocked *.bidd.pro manage.88.com; # if ($invalid_referer) { # return 403; # } #} location / { try_files $uri $uri/ /index.php$is_args$args; } location ~ \.php$ { root /var/www/application-management/public; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ { expires 30d; access_log off; } location ~ .*\.(js|css)?$ { expires 7d; access_log off; } location ~ /\.ht { deny all; } }
troubleshooting
域名重复
f.d]# nginx -t nginx: [warn] conflicting server name "testbot.hailu.pro" on 0.0.0.0:88, ignored nginx: [warn] conflicting server name "testbot.hailu.pro" on 0.0.0.0:8443, ignored nginx: the configuration file /etc/nginx/nginx.conf syntax is ok [root@10-8-2-235 conf.d]# head -n 5 hellotestzuulintra.conf server { listen 88; listen [::]:88; server_name testbot.hailu.pro; return 301 https://$server_name:8443$request_uri; [root@10-8-2-235 conf.d]# head -n 5 testbot.hailu.pro.conf server { listen 88; #listen [::]:88; server_name testbot.hailu.pro; return 301 https://$server_name:8443$request_uri;
ng js css img
css文件 浏览器打开为下载的处理 如下 ,不过其实好像不处理也没事的 只是不太好而已 静态资源文件去掉头 content-type 还有expires wwwstatic.cai.com.conf cat wwwstatic.cai.com.conf #server { # listen 80; # server_name wwwstatic.cai.com; # rewrite ^(.*)$ https://$host$1 permanent; #} # server { listen 80; listen 443 ssl; server_name wwwstatic.cai.com; #root /var/www/www.cai.com; index index.html index.htm; ssl_certificate /etc/nginx/ssl/cai.crt; ssl_certificate_key /etc/nginx/ssl/cai.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location ~ .*\.(gif|jpg|jpeg|bmp|png|ico|js|css|svg|woff|ttf)$ { add_header 'Access-Control-Allow-Origin' '*'; proxy_pass http://proxy_node_nuxt; # add_header Content-Disposition: 'attachment;'; # Content-Disposition 属性是作为对下载文件的一个标识字段,Content-Disposition属性有两种类型:inline 和 attachment 。 # inline :将文件内容直接显示在页面;attachment:弹出对话框让用户下载。下面上代码: # expires 2d; } location / { root /usr/share/nginx/html; if ($request_filename ~* ^.*?.(htm|html)$){ add_header Content-Disposition attachment; } index index.html index.htm; } location ~ /\.ht { deny all; } location /.well-known/acme-challenge/ { root /var/www/letsencrypt/; log_not_found off; } location @router { rewrite ^.*$ /index.html last; } error_log /var/log/nginx/wwwstatic.cai.com_error.log; access_log /var/log/nginx/wwwstatic.cai.com_access.log; # include /etc/nginx/sites-available/blockips.conf; }
see alos