Nginx配置笔记

发表于

安装

在yum repo配置目录下创建nginx镜像配置, /etc/yum.repos.d/nginx.repo, 文件nginx.repo填入如下内容

1
2
3
4
5
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

然后运行

1
yum install nginx -y

如果出错,需要检查配置文件内容是否有误,也有可能是cache问题,运行yum clean all 即可。

常用命令

1
2
3
4
5
/etc/init.d/nginx start # 启动Nginx服务
 
/etc/init.d/nginx stop # 停止Nginx服务
 
/etc/nginx/nginx.conf # Nginx配置文件

配置

HTTPS

将域名 www.domain.com 的证书文件1_www.domain.com_bundle.crt 、私钥文件2_www.domain.com.key保存到同一个目录,例如/usr/local/nginx/conf目录下。
更新Nginx根目录下 conf/nginx.conf 文件如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
server {
        listen 443;
        server_name www.domain.com; #填写绑定证书的域名
        ssl on;
        ssl_certificate 1_www.domain.com_bundle.crt;
        ssl_certificate_key 2_www.domain.com.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
        ssl_prefer_server_ciphers on;
        location / {
            root   html; #站点目录
            index  index.html index.htm;
        }
}

HTTP rewrite to HTTPS

1
2
3
4
5
server {
   listen         80;
   server_name    www.domain.com;
   return         301 https://$server_name$request_uri;
}

参考资料

https://serverfault.com/questions/67316/in-nginx-how-can-i-rewrite-all-http-requests-to-https-while-maintaining-sub-dom

https://www.nginx.com/resources/wiki/start/topics/tutorials/install/

https://nginx.org/en/docs/beginners_guide.html

https://cloud.tencent.com/document/product/400/4143