码迷,mamicode.com
首页 > 其他好文 > 详细

Nginx常用配置

时间:2019-11-30 12:12:06      阅读:85      评论:0      收藏:0      [点我收藏+]

标签:prot   server   pre   _for   文件   tls   静态资源   ESS   支付   

本地静态资源

将本地文件系统中(/var/web/portal目录下)的资源映射到http://www.xxx.com

    server {
        listen  80;
        server_name www.xxx.com;
        location / {
            root        /var/web/portal;
            index       index.html;
        }
    }

普通转发

将内网资源(http://localhost:8080/)映射到http://api.xxx.com

    server {
        listen          80;
        server_name     api.xxx.com;
        server_name_in_redirect off;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        location /  {
            proxy_pass  http://localhost:8080/;
        }
    }

Https 转发

将内网资源(http://localhost:8080/)映射到https://api.xxx.com。这里需要将申请好的ssl证书放到/etc/nginx/tls/目录下,当然,也可以改成别的目录。

    server {
        listen          443;
        server_name     api.xxx.com;
        ssl on;
        ssl_certificate      /etc/nginx/tls/xxx.pem;
        ssl_certificate_key   /etc/nginx/tls/xxx.key;
        ssl_session_timeout  5m;
        ssl_protocols TLSv1.2;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
        server_name_in_redirect off;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        location /  {
            proxy_pass  http://localhost:8080/;
        }
    }

txt 验证文件

有时,网站需要配置一个txt的验证文件,比如在绑定小程序的业务域名时、或设置第三方支付回调域名时。可将txt文件放在指定目录(/xxx/xxx),使用下面配置。

    server {
        listen          443;
        server_name     api.xxx.com;
        ssl on;
        ssl_certificate      /etc/nginx/ssl/xxx.pem;
        ssl_certificate_key   /etc/nginx/ssl/xxx.key;
        ssl_session_timeout  5m;
        ssl_protocols TLSv1.2;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
        server_name_in_redirect off;
        proxy_set_header Host $host:$server_port;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        location /cdc4MZITW5.txt {
            alias /xxx/xxx;
            index cdc4MZITW5.txt;
        }
        location /  {
            proxy_pass  http://localhost:8080/;
        }
    }

Nginx常用配置

标签:prot   server   pre   _for   文件   tls   静态资源   ESS   支付   

原文地址:https://www.cnblogs.com/guopanbo/p/11961393.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!