[nginx]日常配置笔记

前言
多日不用nginx 怎么打开都忘记了，今天又熟悉熟悉，记录下笔记

一 命令

启动 nginx
start nginx

关闭nginx
nginx -s stop

验证nginx配置文件是否正确

重启

二 代理和负载均衡

127.0.0.1/baidu.com 代理百度
127.0.0.1 负载均衡

upstream wwwdemocom {
	#负载均衡 轮训加权-缺点 一个连接满了 还会继续访问导致变慢
		server 127.0.0.1:8010 weight=1 fail_timeout=30s max_fails=10;
		server 127.0.0.1:8020 weight=2 fail_timeout=30s max_fails=10;
		server 127.0.0.1:8030 backup;
		#备份服务 
	}
	server {
	#一个虚拟机
	listen 80;
	#server_name localhost;
	server_name www.test.com;
	root html/www/test;
     	location = /baidu.html {
		proxy_pass http://www.baidu.com;
		}
	location / {
		#proxy_pass http://127.0.0.1:8010;
		proxy_pass http://wwwdemocom;
		#反向代理
		}
	}

三黑名单设置

include /etc/nginx/black.ip;

四 打印设置

在main路径下保存打印

log_format main "$remote_addr-$remote_user-[$time_local]-$request";
#打印 ip-用户-时间-请求
access_log logs/access_test.log main;
#添加日志

五 ssl配置

http{
 #证书路径
	   ssl_certificate nginx.crt;
	   #key路径
	   ssl_certificate_key nginx.key;
	   #s储存SSL会话的缓存类型和大小
	   ssl_session_cache shared:SSL:50m;
	   #会话过期时间
	   ssl_session_timeout 5m;

		ssl_protocols SSLv3 SSLv2 TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
		ssl_ciphers 				ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    	ssl_prefer_server_ciphers on;

}

完整conf

user root;#配置用户组，默认位nobody
worker_processes 1;#允许生成的进程数

events {
#事件配置
	worker_connections 1024;
}

http {
#http请求配置

	include /etc/nginx/mime.types;#默认类型文件
	include /etc/nginx/black.ip;
	#设置黑名单
	default_type application/octet-stream;
	#响应的默认类型
	sendfile 	on;
	keepalive_timeout  65;
	
	log_format main "$remote_addr-$remote_user-[$time_local]-$request";
	#打印 ip-用户-时间-请求
	access_log logs/access_test.log main;
	#添加日志

	upstream wwwdemocom {
	#负载均衡 轮训加权-缺点 一个连接满了 还会继续访问导致变慢
		server 127.0.0.1:8010 weight=1 fail_timeout=30s max_fails=10;
		server 127.0.0.1:8020 weight=2 fail_timeout=30s max_fails=10;
		server 127.0.0.1:8030 backup;
		#备份服务 
	}
	server {
	#一个虚拟机
	listen 80;
	#server_name localhost;
	server_name www.test.com;
	root html/www/test;
	#location / {
	#请求的地址
	#	limit_rate 1k;
	#	limit_rate_after 2k;
	#	index index_8080.html ;
	#}
     	location = /baidu.html {
		proxy_pass http://www.baidu.com;
		}
	location / {
		#proxy_pass http://127.0.0.1:8010;
		proxy_pass http://wwwdemocom;
		#反向代理
		}
	}
	server {
		listen 8010;
       		#server_name localhost;
      	  	server_name loaclhost;
        	root html/www/test;
		location / {
        #请求的地址
                index hello.html ;
        		}
	}
        server {
                listen 8020;
                server_name loaclhost;
                root html/www/test;
                location / {
        #请求的地址
                index hello_2.html ;
                        }
        }
	server {
                listen 8030;
                server_name loaclhost;
                root html/www/test;
                location / {
        #请求的地址
                index hello_2.html ;
                        }
        }
}