Linux 部署 Nginx
安装
参考官网的安装文档。
静态网站
# 强制跳转HTTPS
server {
listen 80;
server_name example.com;
return 301 https://$http_host$request_uri;
}
server {
listen 443 ssl http2;
ssl_certificate /etc/example.com.crt;
ssl_certificate_key /etc/example.com.key;
ssl_protocols TLSv1.3 TLSv1.2;
server_name example.com;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/app/html;
index index.html index.htm;
}
#error_page 404 /404.html;
error_page 497 https://$http_host$request_uri;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
代理网站
server{
listen 8888 ssl http2;
listen [::]:8888 ssl http2;
ssl_certificate /etc/example.com.crt;
ssl_certificate_key /etc/example.com.key;
ssl_protocols TLSv1.3 TLSv1.2;
server_name example.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://127.0.0.1:5212;
}
error_page 497 https://$http_host$request_uri;
}
前后端分离
server {
listen 8934;
listen [::]:8934;
root /usr/share/app/dist;
index index.html;
location /api/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect / /api/;
proxy_pass http://127.0.0.1:8000/;
}
location /assets/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8000/assets/;
}
}
常用参数
proxy_redirect
修改从被代理服务器传来的应答头中的Location
和Refresh
字段。proxy_redirect [ default|off|redirect replacement ]
以下两个配置等效:
location /test/ { proxy_pass http://s1:port/test1/; proxy_redirect default; } location /test/ { proxy_pass http://s1:port/test1/; proxy_redirect http://s1:port/test1/ /test/; }
相对跳转常用:
proxy_redirect / /api/;
proxy_set_header Host
$host
浏览器地址,没有端口$host:$proxy_port
浏览器地址 + 代理端口$http_host
浏览器地址 + 浏览器端口
proxy_set_header X-Real-IP $remote_addr
设置用户真实的地址,用于一级代理。proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
记录每级代理的来源地址,以逗号分隔。真实用户地址取第一个元素。