nginx 配置
Last updated on September 15, 2024 pm
🧙 Questions
☄️ Ideas
sudo vim /etc/nginx/nginx.conf# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
#error_log /var/log/nginx/error.log;
error_log /var/log/nginx/error.log warn;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# 设置日志路径
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
# ------------------------------ ispong blogs ------------------------------
server {
listen 80;
listen [::]:80;
server_name ispong.isxcode.com;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ispong.isxcode.com;
ssl_certificate "/data/blogs/full_chain.pem";
ssl_certificate_key "/data/blogs/private.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://172.24.28.255:30103;
}
location = /robots.txt {
alias /data/ssl/galaxy/robots.txt;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# ------------------------------ api ------------------------------
server {
listen 80;
listen [::]:80;
server_name api.isxcode.com;
location / {
proxy_pass http://172.24.28.255:30100;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name api.isxcode.com;
ssl_certificate "/data/api/full_chain.pem";
ssl_certificate_key "/data/api/private.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://172.24.28.255:30100;
}
}
# ------------------------------ leo-dev ------------------------------
server {
listen 80;
listen [::]:80;
server_name leo.isxcode.com;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name leo.isxcode.com;
# 配置ssl
ssl_certificate "/data/leo/full_chain.pem";
ssl_certificate_key "/data/leo/private.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://172.24.28.255:30104;
}
location = /robots.txt {
alias /data/ssl/leo-react/robots.txt;
}
# if ( $http_user_agent ~* '(Android|webOS|iPhone|iPod|BlackBerry)') {
# rewrite ^(.*)$ https://m.${server_name}$1 permanent;
# }
#
# location / {
# root /usr/share/nginx/html/leo/dist/;
# index index.html index.htm;
# try_files $uri $uri/ /index.html;
# }
# ------------------------------ leo ------------------------------
server {
listen 80;
listen [::]:80;
server_name leo.isxcode.com;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name leo.isxcode.com;
# 配置ssl
ssl_certificate "/data/leo/full_chain.pem";
ssl_certificate_key "/data/leo/private.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://172.24.28.255:30104;
}
location = /robots.txt {
alias /data/ssl/leo-react/robots.txt;
}
if ( $http_user_agent ~* '(Android|webOS|iPhone|iPod|BlackBerry)') {
rewrite ^(.*)$ https://m.${server_name}$1 permanent;
}
}
# ============ gzip ===============
# 是否开启gzip,默认关闭off
gzip on;
# 32 4k|16 8k 设置压缩单位
gzip_buffers 32 4k;
# 压缩级别,等级越大,压缩时间越长
gzip_comp_level 6;
# 正则匹配哪些浏览器不需要压缩
gzip_disable "MSIE [1-6]\.";
# 配置http版本,满足1.1即实行压缩
gzip_http_version 1.1;
# 文件最小长度,即不需要压缩
gzip_min_length 20;
# 是否压缩代理的数据
gzip_proxied off;
# 匹配哪些文件需要压缩
gzip_types application/javascript text/css text/xml;
# 判断浏览器是否支持压缩
gzip_vary on;
}# ------------------------------ 至轻云demo演示环境 ------------------------------
server {
listen 80;
listen [::]:80;
server_name zhiqingyun-demo.isxcode.com;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name zhiqingyun-demo.isxcode.com;
ssl_certificate "/data/nginx/ssl/9453284_zhiqingyun-demo.isxcode.com.pem";
ssl_certificate_key "/data/nginx/ssl/9453284_zhiqingyun-demo.isxcode.com.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://172.24.28.255:30211/;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}检查
sudo nginx -t
sudo nginx -s reload🔗 Links
nginx 配置
https://ispong.isxcode.com/vue/nginx/nginx 配置/