一、nginx 安装
1。 通过nginx.org下载源码安装包,或直接wget下载 点击链接去下载
选择对应系统版本即可。我这里从稳定版【Stable version】下载
2. 安装nginx依赖环境包
yum install gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel
3. 上传或者下载nginx安装包
~ mkdir -p /usr/local/nginx
~ wget -P /usr/local/nginx http://nginx.org/download/nginx-1.24.0.tar.gz
~ cd /usr/local/nginx
~ tar zxvf nginx-1.24.0.tar.gz
~ cd nginx-1.24.0
~ ./configure --with-pcre=/usr/local/nginx
~ make && make install
~ cd /usr/local/nginx/sbin
# 检查配置文件的语法是否正确
~ ./nginx -t
# 启动
~ ./nginx
# 重启
~ ./nginx -s reload
# 停止
~ ./nginx -s stop
- 加入到环境变量(推荐)
~ vim /etc/profile
# 增加
export PATH="$PATH:/usr/local/nginx/sbin"
# 重新加载
~ source /etc/profile
# 启动
~ nginx
# 停止
~ nginx -s stop
# 重新加载 Nginx 服务配置
~ nginx -s reload
- 加入到 systemctl
~ vim /etc/systemd/system/nginx.service
#增加内容
[Unit]
Description=Nginx
After=network.target
[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecStop=/usr/local/nginx/sbin/nginx -s quit
ExecReload=/usr/local/nginx/sbin/nginx -s reload
PrivateTmp=true
[Install]
WantedBy=multi-user.target
# 保存之后 重新加载 systemd 配置
~ systemctl daemon-reload
# 开启
~ systemctl start nginx
# g
~ systemctl stop nginx
- 部分截图
访问ip 80端口
引入外部配置文件(多个添加到/usr/local/nginx/conf.d/)
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
underscores_in_headers on;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /usr/local/nginx/conf.d/*.conf;
}
- 普通代理
client_body_buffer_size 10m; #缓存区大小
client_max_body_size 100m; #上传文件的最大值
client_body_temp_path /usr/local/nginx/client_temp 1 2;
server {
listen 8080;
server_name localhost;
keepalive_timeout 600;
fastcgi_connect_timeout 600;
fastcgi_send_timeout 600;
fastcgi_read_timeout 600;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;
location /xxx-app-boot/ {
proxy_buffer_size 4096k;
proxy_buffers 4 4096k;
client_max_body_size 100m;
proxy_pass http://LoadBalance-server;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
}
- vue项目部署代理/前后端分离代理
server {
listen 8080;
server_name localhost;
#access_log /var/log/nginx/host.access.log main;
location / {
root /data/xxxxx/web-site/dist;# 前端打包文件
index index.html index.htm;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.html?s=$1 last;
break;
}
}
location /api {# 访问api请求转发
proxy_pass http://ip:port/xxxx-boot/;# 转发到后台服务
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
- ssl配置 +负载均衡
需要准备 域名 名称、(域名).crt 证书文件、(域名).key 文件
部署两份及以上接口服务
upstream appBoot-server {
server 192.161.0.121:8080;
server 192.161.0.122:8080;
# fair; # "fair" 算法,每个客户端的请求都会被发送到相同的后端服务器,这有助于保持会话的一致性,特别适用于需要保持状态的应用程序,如在线购物、用户登录等。由于每个客户端都被分配到相同的后端服务器,这样可以确保它们的会话信息在同一个服务器上保持一致
}
server {
listen 443 ssl;
server_name www.demo.com; #填写绑定证书的域名
limit_rate 300K;
ssl_certificate www.demo.com.crt; # 指定证书的位置,绝对路径
ssl_certificate_key www.demo.com.key; # 绝对路径,同上
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
ssl_prefer_server_ciphers on;
location /app-boot/ {
proxy_buffer_size 4096k;
proxy_buffers 4 4096k;
client_max_body_size 100m;
proxy_pass http://appBoot-server;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
}