本文主要介绍第三期[CentOS+nginx building personal website]中的nginx.conf文件。以下是nginx.conf的主要配置。您可以根据自己的情况修改红色注释。
如果您不知道nginx.conf文件在哪里,请在终端上输入nginx-t!如图所示
Tips:修改完后请删掉红色注释!
从代码开始到代码结束大家可以直接覆盖本地文件然后修改个别地方就好!
<!–代码开始|请勿复制–>
# For more information on configuration, see:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
log_format main ‘$remote_addr – $remote_user [$time_local] “$request” ‘
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name www;#www代表你的域名
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location /store {
alias /data/mblog/store;
}
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate “/etc/pki/nginx/server.crt”;
# ssl_certificate_key “/etc/pki/nginx/private/server.key”;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
server {
listen 443 ssl;#有的配置在这里不加ssl会导致网页无法浏览(甚至nginx无法启动),自行决定就好
server_name www;#www代表你的域名
ssl on;
ssl_certificate XXX.crt;#这里写的证书路径及名称,如etc/nginx/xxx.crt
ssl_certificate_key XXX.key;#这里写私钥的路径及名称,如etc/nginx/xxx.key
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
#location / {
# index index.html indez.htm;
#}
location /store{
alias /data/mblog/store;
}
}
}
<!–代码结束|请勿复制–>
上边图片里的代码为Nginc+tomcat实现反向代理,即你的服务器上有多个网站。但我们不可能让它们全部被80(例)端口去监听,这样太浪费资源也不现实,所以利用反向代理把他们部署到其他端口,如果你的服务器只有这一个业务可以注释(或删掉)这段代码!
写在最后(个人感想,大家时间宝贵直接看上面的就好了):