5.9 KiB
5.9 KiB
Nginx
常用命令
# 启动 Nginx 服务
sudo systemctl start nginx
# 关闭
sudo systemctl stop nginx
# 重启
sudo systemctl restart nginx
# 重新加载 Nginx 以应用更改
sudo systemctl reload nginx
# 默认目录
cd /var/www/
# 配置文件
cd /etc/nginx/
/etc/nginx/nginx.conf
#测试 Nginx 配置是否正确
sudo nginx -t
在 Ubuntu 22.04 上安装和配置 Nginx
安装
#首先,确保您的软件包索引是最新的:
sudo apt update
#步骤 2:安装 Nginx
sudo apt install nginx
#步骤 3:启动 Nginx 服务
sudo systemctl start nginx
#步骤 4:使 Nginx 服务开机自启
sudo systemctl enable nginx
#步骤 5:检查 Nginx 状态
sudo systemctl status nginx
#步骤 6:配置防火墙
sudo ufw allow 'Nginx Full'
配置ssh
常见的存放路径是 /etc/nginx/ssl/
sudo mkdir -p /etc/nginx/ssl
sudo cp /path/to/your/example.com.crt /etc/nginx/ssl/
sudo cp /path/to/your/example.com.key /etc/nginx/ssl/
server {
listen 443 ssl;
server_name api.zpc-xy.com;
ssl_certificate /etc/nginx/ssl/api.zpc-xy.com_nginx/api.zpc-xy.com_bundle.crt;
ssl_certificate_key ssl/api.zpc-xy.com_nginx/api.zpc-xy.com.key;
# ssl_protocols TLSv1.2 TLSv1.3; # 仅使用 TLS 1.2 和 1.3
# ssl_ciphers HIGH:!aNULL:!MD5; # 配置强密码套件
# location / {
# proxy_pass http://localhost:3000; # 例如,如果你有一个后端应用运行在端口3000
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# }
}
配置文件
# 基础配置
server {
listen 80;
server_name example.com www.example.com;
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
}
}
server {
# 添加虚拟目录映射
location /output/ {
# alias /disk/ai_sports/DataGateway/output/;
# 或者使用 root 指令(视具体情况而定)
root /disk/ai_sports/DataGateway/output/;
# 可选配置:根据需要添加其他指令,如访问控制、缓存策略等
autoindex on; # 如果希望列出目录内容
# expires 30d; # 设置静态资源缓存过期时间
# try_files $uri $uri/ =404; # 用于处理目录索引和文件不存在的情况
}
}
# 代理转发
server {
listen 82 default_server;
listen [::]:82 default_server;
#root /var/www/web;
# Add index.php to the list if you are using PHP
#index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
proxy_pass http://192.168.195.32:8189;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# 代理转发,允许websocket
server {
listen 82 default_server;
listen [::]:82 default_server;
#root /var/www/web;
# Add index.php to the list if you are using PHP
#index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
proxy_pass http://192.168.195.32:8189;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
### 添加跨域
server {
listen 83 default_server;
listen [::]:83 default_server;
#root /var/www/web;
# Add index.php to the list if you are using PHP
#index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
proxy_pass http://192.168.195.32:9967;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# 添加自定义标头
# 添加 CORS 标头
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
# 如果需要处理 OPTIONS 请求
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Length' 0;
add_header 'Content-Type' 'text/plain charset=UTF-8';
return 204;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
安装支持 ngx_stream 模块的 Nginx 版本:
sudo apt update
sudo apt install nginx-full
# 更新配置以启用 stream 模块: nginx.conf 文件中添加
stream {
upstream rdp_backend {
server windows_server_ip:3389;
}
server {
listen 3389; # 监听的端口,可以根据需要修改
proxy_pass rdp_backend;
}
}
## 进阶选项 nginx.conf 文件中添加
stream {
include /etc/nginx/stream.d/*.conf; # 确保 stream 块包含 conf.d 目录中的配置文件
}
#/etc/nginx/stream.d/rdp.conf
upstream rdp_backend {
server 192.168.195.4:3389; # 将此 IP 替换为你的 Windows 服务器 IP
}
server {
listen 89; # Nginx 监听的端口,可以根据需要修改
proxy_pass rdp_backend;
}