nginx常用配置
常用配置路径代理映射 http和https配置nginx路径下的配置文件:/etc/nginx/conf.d/nginx.conf (每个人的可能不一样,但是我这个就是yum 直接安装的)
如下配置 配置http 和 https 、ws 和 wss
#自定义配置地址<br>upstream halo {
server 127.0.0.1:8090;
}
server {
listen 80;
listen [::]:80;<br>#域名
server_name *.zengoutlook.online;
client_max_body_size 1024m;
rewrite ^(.*)$ https://$host$1;
# coreHome小程序和ws配置 前缀匹配
location ^~/coreHome/ {
proxy_pass http://127.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
<br># 暂时不用
# rewrite ^/coreHome/(.*)$ /$1 break; #拦截标识去除
#proxy_pass http://127.0.0.1:8000; #这里是http不是ws,不用怀疑,代理的ip和port写ws访问的实际地址
#proxy_http_version 1.1; #这里必须使用http 1.1
#下面两个必须设置,请求头设置为ws请求方式
#proxy_set_header Upgrade $http_upgrade;
#proxy_set_header Connection "upgrade";
}
location / {
proxy_pass http://halo;
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# HTTPS server配置https
server {
listen 443 ssl;
server_name *.*.online; #自己的域名
ssl_certificate /root/ssl/Nginx/1_zeng164outlook.online_bundle.crt;
ssl_certificate_key/root/ssl/Nginx/2_zeng164outlook.online.key;
ssl_session_timeout 5m;
#请按照以下协议配置
ssl_protocols TLSv1.2 TLSv1.3;
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
fastcgi_paramHTTPS on;
fastcgi_paramHTTP_SCHEME https;
# coreHome小程序和ws配置
location ^~/coreHome/ {
proxy_pass http://127.0.0.1:8000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# rewrite ^/coreHome/(.*)$ /$1 break; #拦截标识去除
#proxy_pass http://127.0.0.1:8000; #这里是http不是ws,不用怀疑,代理的ip和port写ws访问的实际地址
#proxy_http_version 1.1; #这里必须使用http 1.1
#下面两个必须设置,请求头设置为ws请求方式
#proxy_set_header Upgrade $http_upgrade;
#proxy_set_header Connection "upgrade";
}
location / {
proxy_pass http://halo;
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
来源:https://www.cnblogs.com/Zeng02/p/17424246.html
免责声明:由于采集信息均来自互联网,如果侵犯了您的权益,请联系我们【E-Mail:cb@itdo.tech】 我们会及时删除侵权内容,谢谢合作!
页:
[1]