nginx基础配置

1.nginx.conf

user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf; #这个会扫描conf.d中所有的配置
}

2.server 配置

可以吧文件分多个放在conf.d文件中上面配好了地址会加载

• my.conf （配置tomcat)

server {
    listen       80;  # 监听的端口  域名默认访问80 
    server_name  www.xxxxxx.com;  # 监听的服务地址  
    charset utf-8;    # 服务编码方式
    error_log /var/log/nginx/nginx_error.log warn;  # 错误日志存放
    access_log /var/log/nginx/nginx_access.log  main;  #访问日志 
    #client_max_body_size 100m; 
    location / {
        proxy_pass http://tomcat:8080;     #通过上面的地址访问会转到 http//tomcat:8080，tomcat是docker的容器名   
        add_header Access-Control-Allow-Origin *;
    }

}

• myhttps.conf (配置tomcat https访问这个要去申请证书)

server {
    listen  443 ssl;  #SSL https默认访问端口号为 443  这里记得加上ssl之前没加搞半天访问不了
    server_name www.xxxxxxx.com;  # 监听的服务地址 绑定证书的域名
    ssl_certificate /etc/nginx/conf.d/https/xxxxxxx.top_bundle.crt;  #证书文件的相对路径或绝对路径 
    ssl_certificate_key /etc/nginx/conf.d/https/xxxxxxx.top.key; #私钥文件的相对路径或绝对路径
    #ssl_session_timeout 5m;
    ssl_protocols TLSv1.2 TLSv1.3; 
    #套件配置，配置加密套件，写法遵循 openssl 标准。
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; 
    ssl_prefer_server_ciphers on;
    location / {
        proxy_pass http://tomcat:8080;     #通过上面的地址访问会转到 http//tomcat:8080，tomcat是docker的容器名
        add_header Access-Control-Allow-Origin *;
    }
}