nginx配置

2021-02-07

一、前后端分离代理配置

在进行前后端分离项目时,会遇到跨域问题,这时我们使用nginx去代理访问就可以解决跨域问题

这里采用新增配置文件的方式,不对原生配置文件进行大改动,只需在原配置文件里加入include去读指定目录下的配置文件即可,如下

http {
    	include       mime.types;
    	default_type  application/octet-stream;
    	log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    
    	sendfile  on;
    	tcp_nopush on;
    	tcp_nodelay on;
        client_max_body_size    2000m;
    	server_names_hash_bucket_size 128;
    	keepalive_timeout 60;
        client_header_timeout 60; 
        client_body_timeout 60; 
        send_timeout 60;
        client_header_buffer_size    10m;
        large_client_header_buffers  4 10m;
	gzip on;
	gzip_min_length 1k;
	gzip_buffers 16 64k;
	gzip_http_version 1.1;
	gzip_comp_level 6;
	gzip_types text/plain application/x-javascript text/css application/xml;
	gzip_vary on;
	server {
		listen  80  default;
		server_name  _;
		return 444;
	    }
	# 在这里配置去读区指定目录下的配置文件
	include C:/TRT/nginx/conf/vhosts/*.conf;
}

在👆上面指定读取的配置文件后,新增一个xxxx.conf文件进行配置

前后端配置

server {
  	# 端口
    listen 80; 
  	# 指定server name
    server_name www.aiyuxingfu.cn;
    error_log logs/aiyuxingfu.cn.log warn;
    access_log logs/aiyuxingfu.cn.access.log;
    client_max_body_size 300m;
    client_header_buffer_size 10m;
    large_client_header_buffers 4 10m;
    client_body_buffer_size 10m;
	
  # 跳转到https 即下面配置都不会启用 会跳转到 443端口的配置
	rewrite ^(.*)$ https://$host$1 permanent;
	#rewrite ^(.*)$ https://aiyuxingfu.cn:443/$1 permanent;
	
	location / {
	   root www;
	}
	
  location /console/ {
    # 指定跳转首页
    if (!-e $request_filename) {
      rewrite ^(.*)$ /console/index.html?c=$1 last;
      break;
    }
    # 前端项目包所在路径
    alias  C:/TRT/TRTPROJECT/console-ui/;
  }
	
	location /project/ {
		if (!-e $request_filename) {
			rewrite ^(.*)$ /project/index.html?p=$1 last;
			break;
		}
       alias  C:/TRT/TRTPROJECT/project-ui/;
   }
		
   # 后端代理路径
	 location /prod-api/ {
        proxy_pass http://127.0.0.1:8080;
   }

}

二、配置HTTPS

指定跳转到https端口后,使用以下配置文件

该案例采用阿里云ssl证书,证书和密钥从阿里云进行下载,放置在nginx的conf目录-新建一个文件夹存放密钥

server {
    listen 443; 
    server_name www.aiyuxingfu.cn;
  	# 根据nginx版本决定是否设置on
		ssl on;
	
    # 配置ssl证书
    ssl_certificate cert/4566504_aiyuxingfu.cn.pem;
    # 证书随附密钥
    ssl_certificate_key cert/4566504_aiyuxingfu.cn.key;
	
  	# 13-16行参照阿里云文档填写
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_prefer_server_ciphers on;
	
    # 19-24行参照trt填写 
    error_log logs/aiyuxingfu.cn.log warn;
    access_log logs/aiyuxingfu.cn.access.log;
    client_max_body_size 300m;
    client_header_buffer_size 10m;
    large_client_header_buffers 4 10m;
    client_body_buffer_size 10m;
	
	
	location / {
	    rewrite ^(.*)$ /project/index.html?p=$1;
	}
	
  location /console/ {
    if (!-e $request_filename) {
      rewrite ^(.*)$ /console/index.html?c=$1 last;
      break;
    }
  	alias  C:/TRT/TRTPROJECT/console-ui/;
  }
	
	location /project/ {
		if (!-e $request_filename) {
			rewrite ^(.*)$ /project/index.html?p=$1 last;
			break;
		}
        alias  C:/TRT/TRTPROJECT/project-ui/;
   }
    
	
	location /prod-api/ {
        proxy_pass http://127.0.0.1:8080;
   }

}