惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
N
News and Events Feed by Topic
P
Privacy International News Feed
The Hacker News
The Hacker News
Schneier on Security
Schneier on Security
C
Cybersecurity and Infrastructure Security Agency CISA
Security Latest
Security Latest
L
LINUX DO - 最新话题
阮一峰的网络日志
阮一峰的网络日志
Cisco Talos Blog
Cisco Talos Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Simon Willison's Weblog
Simon Willison's Weblog
The Cloudflare Blog
博客园 - 【当耐特】
博客园 - Franky
P
Privacy & Cybersecurity Law Blog
Attack and Defense Labs
Attack and Defense Labs
云风的 BLOG
云风的 BLOG
月光博客
月光博客
D
Docker
Webroot Blog
Webroot Blog
The GitHub Blog
The GitHub Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
W
WeLiveSecurity
S
Security Affairs
Martin Fowler
Martin Fowler
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Security Archives - TechRepublic
Security Archives - TechRepublic
Microsoft Azure Blog
Microsoft Azure Blog
C
CERT Recently Published Vulnerability Notes
B
Blog
L
Lohrmann on Cybersecurity
T
Threatpost
量子位
S
Schneier on Security
V
Visual Studio Blog
S
Securelist
T
The Exploit Database - CXSecurity.com
Scott Helme
Scott Helme
V
Vulnerabilities – Threatpost
aimingoo的专栏
aimingoo的专栏
The Register - Security
The Register - Security
I
Intezer
Stack Overflow Blog
Stack Overflow Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
博客园 - 聂微东
小众软件
小众软件
罗磊的独立博客
雷峰网
雷峰网
Recorded Future
Recorded Future

博客园 - 白马黑衣

网络安全3 - Easy RSA重新签发客户端证书 RHEL - 笔记本合盖不休眠 RHEL - yum cache JFrog Artifactory 系列6 --- 其他配置 Node.js - 配置npm Rocky Linux 升级失败 Linux --- firewalld 2 - nfttables Linux - DNS Apache HTTP Server 关闭SELinux RHEL - 设置hostname和IP地址 Linux --- 查看PID 判断端口是否已经被占用 Maven 常用命令 Jenkins 系列3 --- pipeline Git自签名证书的验证 iptables Jenkins 系列2 --- Node/Agent Jenkins 系列1 --- 安装与配置
Nginx 系列2 --- 配置
白马黑衣 · 2023-12-16 · via 博客园 - 白马黑衣

一、概要

1. 承上启下

(1) Nginx 系列

二、配置

1. 测试配置

2. nginx配置文件

(1) 配置文件

sudo vi /etc/nginx/nginx.conf

(2) 关键配置

events {
  worker_connections  4096;  ## Default: 1024
}
http {
  server {
    listen 80;
    listen [::]:80;
    server_name localhost;
    location / {
      root /etc/nginx/html;
      index index.html index.htm;
    }
  }
}

a. listen: 是nginx需要监听的端口号;

b. server_name: 是nginx代理的域名,如果配置成.example.com,则example.com所有子域名都会被命中;

c. location: 存储路径信息,这里root指http网站的根目录:

请求http://www.example.com/,返回页面对应的目录是/etc/nginx/html/index.html。

3. 子配置文件

(1) 按需创建

sudo vi /etc/nginx/conf.d/http
sudo vi /etc/nginx/conf.d/stream
sudo vi /etc/nginx/conf.d/mail
sudo vi /etc/nginx/conf.d/exchange-enhanced

a. Events: 一般链接处理;

b. Http: Http模块;

c. Mail: 邮件模块;

d. Stream: TCP和UDP流量。

(2) 在/etc/nginx/nginx.conf中按需添加引用

include /etc/nginx/conf.d/http/*.conf;
include /etc/nginx/conf.d/stream/*.conf;
include /etc/nginx/conf.d/exchange-enhanced/*.conf;

4. 配置证书

(1) Letscrypt证书

参考Letscrypt

(2) SELinux

使用自签发证书时,如果服务器开启了SELinux可能会出现Nginx无法加载证书文件的问题,此时需要运行以下命令解决:

sudo restorecon -v -R /etc/nginx/ssl

注意,/etc/nginx/ssl是证书所在的目录。

三、参考

1. 官方

http://nginx.org/en/docs/

http://nginx.org/en/docs/ngx_core_module.html

http://nginx.org/en/docs/http/ngx_http_core_module.html

http://nginx.org/en/docs/http/ngx_http_charset_module.html

http://nginx.org/en/docs/http/ngx_http_log_module.html

http://nginx.org/en/docs/mail/ngx_mail_ssl_module.html

http://nginx.org/en/docs/http/ngx_http_index_module.html

2. 其他

https://www.digitalocean.com/community/tools/nginx