一个完整示例:
server {
listen 8080;
server_name 123.123.123.123;
root /home/myname/work/business/dist;
index index.html index.php;
access_log /var/log/nginx/access_erp.log;
error_log /var/log/nginx/error_erp.log;
client_max_body_size 8M;
client_body_buffer_size 128k;
ssl on;
ssl_certificate /etc/nginx/cert/4242434_abc.cn.pem;
ssl_certificate_key /etc/nginx/cert/532q432543_abc.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location ^~ /m/ {
alias /home/myname/work/business/dist/;
try_files $uri $uri/ /index.html =404;
index index.html;
}
location /express/ {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
proxy_pass http://tpdoc.cn:3001/;
}
}
1.server_name:
可以是域名,如:abc.com;也可以是ip,如:123.123.123.123
2.listen:
监听端口,如8080;(注:阿里云上使用端口前需要在阿里云后太安全组中添加要使用的端口,之后才可以在配置中使用,否则端口不可用)
3.root:
访问ip+端口 所指向的本机的文件夹地址,如: /home/myname/work/business/dist
4.location:
配置反向代理的当前位置,具体如下,一般常用的有两种反向代理模式,如下;
1.反向代理到本机器上的文件夹中:
上面示例, 访问http://123.123.123.123:8080/m 就会指向 /home/myname/work/business/dist/ 本机文件夹,包括文件夹下的静态资源;如下:
location ^~ /m/ {
alias /home/myname/work/business/dist/;
try_files $uri $uri/ /index.html =404;
index index.html;
}
但是如果将前面的 ^~ 去掉,就不能访问文件夹下的静态资源,会出现404的问题。这是个坑,如下:
location /m/ {
alias /home/myname/work/business/dist/;
try_files $uri $uri/ /index.html =404;
index index.html;
}
2.反向代理到其他服务器上:
location /snowApi/ {
proxy_pass http://abchaha.cn:8080/;
}
5.增加接口允许跨域访问配置
location /express/ {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
proxy_pass http://tpdoc.cn:3001/;
}
8.https证书配置(需先申请免费的活购买花钱的ssl正式)
申请后会得到一个.pem后缀的文件和一个.key后缀的文件,将这两个文件上传到服务器上,之后如下方ssl开头的一些列配置那样配置到nginx配置文件中;如:
server {
listen 8080;
server_name 123.123.123.123;
root /home/caofanghui/work/business/dist;
index index.html index.php;
access_log /var/log/nginx/access_erp.log;
error_log /var/log/nginx/error_erp.log;
client_max_body_size 8M;
client_body_buffer_size 128k;
ssl on;
ssl_certificate /etc/nginx/cert/4242434_abc.cn.pem;
ssl_certificate_key /etc/nginx/cert/532q432543_abc.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location ^~ /m/ {
alias /home/myname/work/business/dist/;
try_files $uri $uri/ /index.html =404;
index index.html;
}
}
结束!
网友评论