server

nginx

nginx location 用法

https://www.cnblogs.com/dadonggg/p/7797281.html

编译

安装编译环境

1
2
sudo apt-get install build-essential
sudo apt-get install libtool

安装nginx依赖库

1
sudo apt-get install libpcre3 libpcre3-dev libssl-dev zlib1g-dev

nginx,pcre,openssl官网下载最新源码,解压nginx,pcre,openssl到/opt/nginx/目录下,

进入/opt/nginx/nginx-1.15.8目录

1
./configure --with-pcre=/opt/nginx/pcre-8.42 --with-openssl=/opt/nginx/openssl-1.1.0j --with-http_ssl_module

编译成功后,安装

1
make && make install

添加软连接

1
ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
nginx.conf 配置例子
1
2
3
4
# use nobody;
# 如果出现权限问题如:403 forbidden
# 可以打开上面注视,把nobody改为,运行nginx的用户
user root owner;
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
http {
    include       mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

   # include /etc/nginx/conf.d/*.conf;
   
    upstream llc_app {
    	server 192.168.0.119:3100;
    }

    server {
        listen       8099;
        server_name  localhost;

        location / {
            root   /opt/xmweb-html/webapp/;
            index  index.html;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
    # 允许浏览器ajax跨域
    server {

        listen  8089;
        location / {
            default_type text/html;
            add_header Access-Control-Allow-Origin *;
            add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
            add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
            #if ($request_method = 'OPTIONS') {
            #     return 204;
            # }
            # return 200 'hello nginx';
        }
    }
    
    server {
        listen 80;
        server_name localhost logan.ren linlc.cn;

        location / {
        #	proxy_redirect off; 
        #	proxy_set_header X-Real-IP $remote_addr; 
        # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
        # proxy_set_header X-Forwarded-Proto $scheme; 
        # proxy_set_header Host $http_host; 
        # proxy_set_header X-NginX-Proxy true; 
        # proxy_set_header Connection ""; 
        # proxy_http_version 1.1;
        	proxy_pass http://llc_app;
        }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        	root html;
        }
        location = /10x.html {
        	default_type text/html;
        	return 200 "返回内容 asdf";
        }
        location ~ \.php$ {
        	proxy_pass http://127.0.0.1;
        }
        location ~ /\.ht {
            deny all;
        }
    }
    
    server {
        listen       443 ssl;
        server_name  xcx.linlc.cc timed.ink linlc.cc;

        ssl_certificate      /etc/letsencrypt/live/xcx.linlc.cc/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/xcx.linlc.cc/privkey.pem;
        ssl_trusted_certificate /etc/letsencrypt/live/xcx.linlc.cc/chain.pem;
    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

        location / {
            proxy_pass http://localhost:3000/;
        }
        location = /3dVF4aUfcW.txt{
            return 200 "ea5806e712e4ee15ac957f9df24bfb19";
        }
        
        # 302 重定向
        location /doc/ {
            proxy_pass http://dcsapi.com/;
            proxy_redirect http://p.dcsapi.com/ /dcs/;
        }
        location /dcs/{
            proxy_pass http://p.dcsapi.com/;
        }
        
        # 正则
        location ~ /c5app/.+\.html {
            root html;
            index index.html;
        }
        location /c5app/ {
            proxy_pass http://123.56.20.159:8001/;
        }
        location ~ (/newmedia_app|/chatSseAction) {
            proxy_pass http://123.56.20.159:8001;
        }
    }
}

socket.io 使用 https 的转发
const socket = io('wss://timed.ink')
nginx 配置

1
2
3
4
5
6
7
8
9
location /socket.io/ {
            proxy_pass http://localhost:8020;           
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Host $host;
        }