nginx [engine x] 是 HTTP 和反向代理服务器、邮件代理服务器和通用 TCP/UDP 代理服务器,最初由 Igor Sysoev 编写。很长一段时间以来,它一直在许多负载重的俄罗斯网站上运行。根据 Netcraft 的数据,2022 年 3 月,nginx 服务或代理了 22.01% 最繁忙的站点。
安装
sudo apt install nginx
常见命令
sudo systemctl start nginx
sudo systemctl status nginx
sudo systemctl stop nginx
sudo systemctl restart nginx
sudo systemctl enable nginx
配置文件
nginx 目录为 /etc/nginx/
在该目录下有个 nginx.conf
文件,里面记录了 nginx 会从哪些文件夹以什么规则识别 nginx 的配置文件
一般来说,默认读取配置文件的目录是 conf.d
或是 site-enabled
,个人一般习惯在 conf.d
里面写配置文件。配置文件的格式应该是 xxx.conf
以 .conf 后缀结尾。新增、删除、修改配置文件后必须要运行 sudo systemctl restart nginx
重载配置文件生效。
这里是一个编辑 nginx 配置文件的网站:
附上一些协会祖传 nginx 配置文件的例子:
server {
listen 80;
listen [::]:80;
server_name md.scumaker.org;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name md.scumaker.org;
access_log /var/log/nginx/md_access.log;
error_log /var/log/nginx/md_error.log;
ssl_certificate /etc/letsencrypt/live/md.scumaker.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/md.scumaker.org/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://localhost:19080/;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
}
server {
listen 80;
listen [::]:80;
server_name git.scumaker.org;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name git.scumaker.org;
access_log /var/log/nginx/git_access.log;
error_log /var/log/nginx/git_error.log;
ssl_certificate /etc/letsencrypt/live/git.scumaker.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/git.scumaker.org/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://localhost:3001/;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
}
server {
listen 80;
listen [::]:80;
server_name share.syaoran.scumaker.org;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name share.syaoran.scumaker.org;
access_log /var/log/nginx/git_access.log;
error_log /var/log/nginx/git_error.log;
ssl_certificate /etc/letsencrypt/live/share.syaoran.scumaker.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/share.syaoran.scumaker.org/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
location / {
proxy_pass http://localhost:16080/;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
}
看到的不错的nginx教程
作为反代使用时,nginx远不如haproxy,可以去了解一下。