Centos Nginx配置

1, 基础配置:

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

#    ********************************************* www.junlenet.com ********************************************************** 	
    server {
        listen		80;
		server_name www.junlenet.com;
        location /  {
			#root html;
			#index index.html index.htm;
			proxy_pass http://localhost:8080/home/; #带上/
			proxy_redirect          off;
			proxy_set_header Host $host;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	server {
        listen       443 ssl;
        server_name  www.junlenet.com;

        ssl_certificate      ****.crt;
        ssl_certificate_key  ****.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            #root   html;
            #index  index.html index.htm;
			proxy_pass http://localhost:8080/home/;  #带上/
			proxy_redirect          off;
			proxy_set_header Host $host;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

# Settings for a TLS enabled server.
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /usr/share/nginx/html;
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#        location / {
#        }
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }


2,  相关命令:


systemctl status nginx   //查看状态

systemctl start nginx  //启动, stop:停止, restart reload  重启 


systemctl stop firewalld.service  // start, restart

firewall-cmd --state #查看默认防火墙状态(关闭后显示notrunning,开启后显示running)

centos6 :

service nginx start  // stop, reload,restart 


阿里云,腾讯云 有安全组,记得去配置端口号,否则你就被玩坑了.... 

3,一个tomcat下多个项目, 再加nginx, session失效问题.

首先查看浏览器请求headers数据,发现每次JSESSIONID都会变. 说明session有问题.

配置tomcat server.xml context 添加 sessionCookiePath="/" 



server_name  www.junlenet.com;
charset utf-8;
root   /opt/apache-tomcat-7.0.53/webapps/demo/;
location / {
    proxy_set_header   Host             $host;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    add_header From www.junlenet.org;
    proxy_cookie_path /demo/ /;
    proxy_set_header Cookie $http_cookie;



add_header 'Access-Control-Allow-Origin' '*';  
add_header 'Access-Control-Allow-Credentials' 'true'; 


cd /usr/local/nginx/sbin

./nginx #运行; 运行上面那些命令无法启动时,可以使用这个启动.

./nginx -s reload  #重启
