“Nginx的那些事”的版本间的差异

来自linux中国网wiki
跳到导航 跳到搜索
→‎sns
 
(未显示同一用户的9个中间版本)
第131行: 第131行:
  
 
</pre>
 
</pre>
 +
==下载站==
 +
<pre>
 +
cat  manage.88.com.conf
 +
server {
 +
  listen 80;
 +
  server_name manage.88.com;
 +
  rewrite ^/(.*)$ https://manage.88.com:443/$1 permanent;
 +
  access_log /data/wwwlogs/application-management_nginx.log combined;
 +
  index index.php index.html;
 +
  root /home/containers_data/nginx/wwwroot/application-management/public;
 +
 
 +
  #error_page 404 /404.html;
 +
  #error_page 502 /502.html;
 +
  #location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
 +
  #  valid_referers none blocked *.bidd.pro manage.88.com;
 +
  #  if ($invalid_referer) {
 +
  #      return 403;
 +
  #  }
 +
  #}
 +
 +
  location / {
 +
    try_files $uri $uri/ /index.php$is_args$args;
 +
  }
 +
 +
  location ~ \.php$ {
 +
    root /var/www/application-management/public;
 +
    fastcgi_pass 127.0.0.1:9000;
 +
    fastcgi_index index.php;
 +
    include fastcgi_params;
 +
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 +
  }
 +
 +
  location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
 +
    expires 30d;
 +
    access_log off;
 +
  }
 +
  location ~ .*\.(js|css)?$ {
 +
    expires 7d;
 +
    access_log off;
 +
  }
 +
  location ~ /\.ht {
 +
    deny all;
 +
  }
 +
}
 +
 +
server {
 +
  listen 443 ssl;
 +
  server_name manage.88.com;
 +
#  ssl on;
 +
  ssl_certificate      /usr/local/nginx/conf/ssl/STAR.88.com.crt;
 +
  ssl_certificate_key  /usr/local/nginx/conf/ssl/STAR.88.com.key;
 +
#  ssl_session_cache    shared:SSL:1m;
 +
  ssl_session_timeout  5m;
 +
  ssl_ciphers  HIGH:!aNULL:!MD5;
 +
  ssl_prefer_server_ciphers  on;
 +
#      ssl_certificate /usr/local/nginx/conf/ssl/STAR.88.com.crt;
 +
#      ssl_certificate_key /usr/local/nginx/conf/ssl/STAR.88.com.key;
 +
#      ssl_session_timeout 5m;
 +
#      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 +
#      ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
 +
#      ssl_prefer_server_ciphers on;
 +
  access_log /data/wwwlogs/application-management_nginx.log combined;
 +
  index index.php index.html;
 +
  root /home/containers_data/nginx/wwwroot/application-management/public;
 +
 +
  #error_page 404 /404.html;
 +
  #error_page 502 /502.html;
 +
  #location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
 +
  #  valid_referers none blocked *.bidd.pro manage.88.com;
 +
  #  if ($invalid_referer) {
 +
  #      return 403;
 +
  #  }
 +
  #}
 +
 +
  location / {
 +
    try_files $uri $uri/ /index.php$is_args$args;
 +
  }
 +
 +
  location ~ \.php$ {
 +
    root /var/www/application-management/public;
 +
    fastcgi_pass 127.0.0.1:9000;
 +
    fastcgi_index index.php;
 +
    include fastcgi_params;
 +
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 +
  }
 +
 +
  location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
 +
    expires 30d;
 +
    access_log off;
 +
  }
 +
  location ~ .*\.(js|css)?$ {
 +
    expires 7d;
 +
    access_log off;
 +
  }
 +
  location ~ /\.ht {
 +
    deny all;
 +
  }
 +
}
 +
 +
</pre>
 +
=troubleshooting=
 +
== 域名重复==
 +
<pre>
 +
f.d]# nginx  -t
 +
nginx: [warn] conflicting server name "testbot.hailu.pro" on 0.0.0.0:88, ignored
 +
nginx: [warn] conflicting server name "testbot.hailu.pro" on 0.0.0.0:8443, ignored
 +
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
 +
 +
 +
[root@10-8-2-235 conf.d]# head  -n 5  hellotestzuulintra.conf
 +
server {
 +
listen 88;
 +
listen [::]:88;
 +
server_name testbot.hailu.pro;
 +
return 301 https://$server_name:8443$request_uri;
 +
[root@10-8-2-235 conf.d]# head  -n 5  testbot.hailu.pro.conf
 +
server {
 +
listen 88;
 +
#listen [::]:88;
 +
server_name testbot.hailu.pro;
 +
return 301 https://$server_name:8443$request_uri;
 +
 +
</pre>
 +
 +
= ng js  css  img =
 +
<pre>
 +
css文件 浏览器打开为下载的处理 如下 ,不过其实好像不处理也没事的 只是不太好而已
 +
静态资源文件去掉头
 +
content-type
 +
还有expires
 +
wwwstatic.cai.com.conf
 +
cat wwwstatic.cai.com.conf
 +
#server  {
 +
#    listen 80;
 +
#    server_name  wwwstatic.cai.com;
 +
#    rewrite ^(.*)$ https://$host$1 permanent;
 +
#}
 +
#
 +
server {
 +
    listen 80;
 +
    listen 443 ssl;
 +
    server_name wwwstatic.cai.com;
 +
 +
    #root /var/www/www.cai.com;
 +
    index index.html index.htm;
 +
 +
    ssl_certificate /etc/nginx/ssl/cai.crt;
 +
    ssl_certificate_key /etc/nginx/ssl/cai.key;
 +
        ssl_session_cache    shared:SSL:1m;
 +
        ssl_session_timeout  5m;
 +
        ssl_ciphers  HIGH:!aNULL:!MD5;
 +
        ssl_prefer_server_ciphers  on;
 +
 +
    location ~ .*\.(gif|jpg|jpeg|bmp|png|ico|js|css|svg|woff|ttf)$ {
 +
        add_header 'Access-Control-Allow-Origin' '*';
 +
        proxy_pass http://proxy_node_nuxt;
 +
      # add_header Content-Disposition: 'attachment;';
 +
  # Content-Disposition 属性是作为对下载文件的一个标识字段,Content-Disposition属性有两种类型:inline 和 attachment 。
 +
  # inline :将文件内容直接显示在页面;attachment:弹出对话框让用户下载。下面上代码:
 +
      # expires      2d;
 +
    }
 +
 +
    location / {
 +
        root /usr/share/nginx/html;
 +
        if ($request_filename ~* ^.*?.(htm|html)$){
 +
          add_header Content-Disposition attachment;
 +
        }
 +
        index index.html index.htm;
 +
    }
 +
 +
    location ~ /\.ht {
 +
        deny all;
 +
    }
 +
  location /.well-known/acme-challenge/ {
 +
        root /var/www/letsencrypt/;
 +
        log_not_found off;
 +
    }
 +
 +
    location @router {
 +
        rewrite ^.*$ /index.html last;
 +
    }
 +
 +
    error_log /var/log/nginx/wwwstatic.cai.com_error.log;
 +
    access_log /var/log/nginx/wwwstatic.cai.com_access.log;
 +
#    include /etc/nginx/sites-available/blockips.conf;
 +
}
 +
</pre>
 +
 +
=see alos=
  
 
[https://www.nginx.cn/install Nginx安装]
 
[https://www.nginx.cn/install Nginx安装]
  
 
[https://juejin.im/post/5cdd4d3ee51d456e8240ddca |Nginx-安装与配置(1)]
 
[https://juejin.im/post/5cdd4d3ee51d456e8240ddca |Nginx-安装与配置(1)]
 +
 +
 +
== ng and css ==
 +
[https://blog.csdn.net/dengzhuineng7792/article/details/101243139?utm_medium=distribute.pc_relevant.none-task-blog-BlogCommendFromMachineLearnPai2-1.pc_relevant_is_cache&depth_1-utm_source=distribute.pc_relevant.none-task-blog-BlogCommendFromMachineLearnPai2-1.pc_relevant_is_cache  http之Content-Disposition 属性]
 +
 +
[https://blog.csdn.net/PGguoqi/article/details/106824957  js无法获取响应header的Content-Disposition字段(2020)]
 +
 +
[https://www.cnblogs.com/sz-jack/p/5206159.html  nginx实现动态分离,解决css和js等图片加载问题 ]
 +
 +
[https://blog.csdn.net/qq_27184497/article/details/82292399  解决nginx部署后css、js、图片等样式不加载的问题]
 +
 +
 
  [[category:ops]]
 
  [[category:ops]]

2020年11月19日 (四) 03:22的最新版本

symbolic

有意思的 
  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-enabled/*;




root@debian:/etc/nginx/sites-enabled# pwd
/etc/nginx/sites-enabled
root@debian:/etc/nginx/sites-enabled# file default 
default: symbolic link to /etc/nginx/sites-available/default

nginx conf

80 443 共存

 server
{

listen 80;
listen 443 ssl;
server_name www.iamle.com;
index index.html index.htm index.php;
root /home/wwwroot/www.iamle.com/;
#ssl on; 这里要注释掉
ssl_certificate /usr/local/nginx/conf/ssl/www_iamle_com.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/www_iamle_com.key;

#以下配置省略

}

sns 线上

 cat www.cai.net.conf
upstream proxy_node_nuxt.net {
#fair;
#ip_hash;
#hash $clientRealIp;

#server 176.24.18.94:3333 weight=1 max_fails=2 fail_timeout=10s ;

#old 
#server 172.16.200.14:3333 weight=1 max_fails=2 fail_timeout=10s;
}

server  {
	listen 80;
	listen [::]:80;
	#listen 443 ssl http2;
	#listen [::]:443 ssl http2;    
 
    server_name www.cai.net cai.net;

#     return 301 https://www.cai.net$request_uri;
    rewrite ^(.*)$ https://$host$1 permanent;
}

server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;    
#    listen 443 ssl;
    server_name www.cai.net cai.net;

#    if ( $host = 'www.cai.net'  )  {
#        rewrite ^/(.*)$ https://www.cai.net/$1 permanent;
#    }
    if ( $host = 'cai.net'  )  {
        rewrite ^/(.*)$ https://www.cai.net/$1 permanent;
    }
   root /data/www/www.cai.net;


    index index.html index.htm;

    ssl_certificate /etc/nginx/ssl/cai.net.crt;
    ssl_certificate_key /etc/nginx/ssl/cai.net.key;

 #by evan
   # if ($scheme = http) {
   #        return 301 https://$server_name$request_uri;
   # } 
 #by evan

    location ~ /360_ssp_verify\.txt {
         root /var/www;
    }

    location /nginx_status {
            stub_status on;
            access_log off;
            allow 183.6.50.25;
            allow 39.104.176.12;
            allow 45.114.170.162;
            allow 127.0.0.1;
            deny all;
        }


    location /download/ {
         root /var/www;
    }

    location ^~ /.well-known/pki-validation/ {
        alias /var/www/pki-validation/;
        log_not_found off;
    }

   merge_slashes off;
   rewrite ^([^.]*?\/)\/+(.*)$ $1$2 permanent;

    location / {
	proxy_pass http://proxy_node_nuxt.net;
    }
##evan


  # 去html
    rewrite  ^/(.+)\.html       /$1 last;
   # rewrite  ^/info/$           /info/alerts/ last;

    error_log /var/log/nginx/www.cai.net.error.log;
    access_log /var/log/nginx/www.cai.net.access.log;
#    include /etc/nginx/sites-available/blockips.conf;
}

下载站

 cat  manage.88.com.conf 
server {
  listen 80;
  server_name manage.88.com;
  rewrite ^/(.*)$ https://manage.88.com:443/$1 permanent;
  access_log /data/wwwlogs/application-management_nginx.log combined;
  index index.php index.html;
  root /home/containers_data/nginx/wwwroot/application-management/public;
  
  #error_page 404 /404.html;
  #error_page 502 /502.html;
  #location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
  #  valid_referers none blocked *.bidd.pro manage.88.com;
  #  if ($invalid_referer) {
  #      return 403;
  #  }
  #}

  location / {
    try_files $uri $uri/ /index.php$is_args$args;
  }

  location ~ \.php$ {
    root /var/www/application-management/public;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  }

  location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
    expires 30d;
    access_log off;
  }
  location ~ .*\.(js|css)?$ {
    expires 7d;
    access_log off;
  }
  location ~ /\.ht {
    deny all;
  }
}

server {
  listen 443 ssl;
  server_name manage.88.com;
#  ssl on;
  ssl_certificate      /usr/local/nginx/conf/ssl/STAR.88.com.crt;
  ssl_certificate_key  /usr/local/nginx/conf/ssl/STAR.88.com.key;
#  ssl_session_cache    shared:SSL:1m;
  ssl_session_timeout  5m;
  ssl_ciphers  HIGH:!aNULL:!MD5;
  ssl_prefer_server_ciphers  on;
 #       ssl_certificate /usr/local/nginx/conf/ssl/STAR.88.com.crt;
 #       ssl_certificate_key /usr/local/nginx/conf/ssl/STAR.88.com.key;
 #       ssl_session_timeout 5m;
 #       ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 #       ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
 #       ssl_prefer_server_ciphers on;
  access_log /data/wwwlogs/application-management_nginx.log combined;
  index index.php index.html;
  root /home/containers_data/nginx/wwwroot/application-management/public;

  #error_page 404 /404.html;
  #error_page 502 /502.html;
  #location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv|mp4)$ {
  #  valid_referers none blocked *.bidd.pro manage.88.com;
  #  if ($invalid_referer) {
  #      return 403;
  #  }
  #}

  location / {
    try_files $uri $uri/ /index.php$is_args$args;
  }

  location ~ \.php$ {
    root /var/www/application-management/public;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  }

  location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
    expires 30d;
    access_log off;
  }
  location ~ .*\.(js|css)?$ {
    expires 7d;
    access_log off;
  }
  location ~ /\.ht {
    deny all;
  }
}

troubleshooting

域名重复

f.d]# nginx  -t 
nginx: [warn] conflicting server name "testbot.hailu.pro" on 0.0.0.0:88, ignored
nginx: [warn] conflicting server name "testbot.hailu.pro" on 0.0.0.0:8443, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok


[root@10-8-2-235 conf.d]# head  -n 5  hellotestzuulintra.conf 
server {
	listen 88;
	listen [::]:88;
	server_name testbot.hailu.pro;
	return 301 https://$server_name:8443$request_uri;
[root@10-8-2-235 conf.d]# head  -n 5  testbot.hailu.pro.conf 
server {
	listen 88;
	#listen [::]:88;
	server_name testbot.hailu.pro;
	return 301 https://$server_name:8443$request_uri;

ng js css img

css文件 浏览器打开为下载的处理 如下 ,不过其实好像不处理也没事的 只是不太好而已
静态资源文件去掉头
content-type
还有expires
wwwstatic.cai.com.conf
cat wwwstatic.cai.com.conf
#server  {
#    listen 80;
#    server_name  wwwstatic.cai.com;
#    rewrite ^(.*)$ https://$host$1 permanent;
#}
#
server {
    listen 80;
    listen 443 ssl;
    server_name wwwstatic.cai.com;

    #root /var/www/www.cai.com;
    index index.html index.htm;

    ssl_certificate /etc/nginx/ssl/cai.crt;
    ssl_certificate_key /etc/nginx/ssl/cai.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

    location ~ .*\.(gif|jpg|jpeg|bmp|png|ico|js|css|svg|woff|ttf)$ {
        add_header 'Access-Control-Allow-Origin' '*';
        proxy_pass http://proxy_node_nuxt;
       # add_header Content-Disposition: 'attachment;';
  # Content-Disposition 属性是作为对下载文件的一个标识字段,Content-Disposition属性有两种类型:inline 和 attachment 。
  # inline :将文件内容直接显示在页面;attachment:弹出对话框让用户下载。下面上代码:
       # expires      2d;
    }

    location / {
        root /usr/share/nginx/html;
        if ($request_filename ~* ^.*?.(htm|html)$){
           add_header Content-Disposition attachment;
        }
        index index.html index.htm;
    }

    location ~ /\.ht {
        deny all;
    }
   location /.well-known/acme-challenge/ {
        root /var/www/letsencrypt/;
        log_not_found off;
    }

    location @router {
        rewrite ^.*$ /index.html last;
    }

    error_log /var/log/nginx/wwwstatic.cai.com_error.log;
    access_log /var/log/nginx/wwwstatic.cai.com_access.log;
#    include /etc/nginx/sites-available/blockips.conf;
}

see alos

Nginx安装

|Nginx-安装与配置(1)


ng and css

http之Content-Disposition 属性

js无法获取响应header的Content-Disposition字段(2020)

nginx实现动态分离,解决css和js等图片加载问题

解决nginx部署后css、js、图片等样式不加载的问题