nginx_2_web服務配置

nginx:
    server{} : 虛擬主機

    location [ = | ~ | ~* | ^~ ] URI {...} :
       
       location URI {}:
         對當前路徑及子路徑下的全部對象都生效
       
       location = URI {}:
         精確匹配指定的路徑，不包括子路徑，只對當前資源生效
       
       location ~ | ~* URI {}:
         使用正則表達式，~區分大小寫，~*不區分大小寫

       location ^~ URI {}:
         不使用正則表達式

       優先級: = --> ^~ --> ~,~* --> " "
         
       

    


    httpd:
      基於本地文件路徑
       <DocumentRoot "">

       </DocumentRoot>
      
      基於URI
       <Location "/bbs">

       </Location>





nginx.conf

worker_processes  2;    #定義worker進程的個數

events {
    worker_connections  1024;  
}                       #定義每一個worker進程的最大鏈接數爲1024個


http {
    include        mime.types;                   #指定包含的文件
    default_type   application/octet-stream;     #默認支持的類型

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on; #nagle算法

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;          #是否進行壓縮後再發送

# HTTP Server

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   /var/www/html;
            index  index.html;
           }

        location = /bbs.html {
            root   /var/www/bbs;
        allow 192.168.21.85;
            deny all;
        auth_basic    "The authentication"
        auth_basic_user_file /usr/local/nginx/.user
            
#建立用戶驗證文件
#[root@nginx html]# htpasswd -c -m /usr/local/nginx/.user hale
#New password:
#Re-type new password:
#Adding password for user hale

#增長一個用戶test
#[root@nginx html]# htpasswd -m /usr/local/nginx/.user test
           }


#定義一個狀態檢測
        location /status {
            stub_status on;
            access_log off;
            allow 192.168.21.85;
            deny all;
           }


        
    error_page  404              /404.html;
        location = /404.html {
              root   html;
             }

        error_page   500 502 503 504  /50x.html;
            location = /50x.html {
              root   html;
            }

    
# HTTPS server

    server {
         listen       443;
         server_name  localhost;

         ssl                  on;
         ssl_certificate      /etc/nginx/ssl/nginx.crt;
         ssl_certificate_key  /etc/nginx/ssl/nginx.key;

         ssl_session_cache    shared:SSL:1m;
         ssl_session_timeout  5m;

         ssl_ciphers  HIGH:!aNULL:!MD5;
         ssl_prefer_server_ciphers  on;

         location / {
            root   /var/ssl;
            index  index.html index.htm;
           }

#建立SSL須要的證書CA
# [root@nginx ~]# mkdir /etc/nginx/ssl
# [root@nginx ~]# vim /etc/pki/tls/openssl.cnf   #修改dir = /etc/pki/CA
# [root@nginx ~]# cd /etc/pki/CA/
# [root@nginx CA]# (umask 077; openssl genrsa 2048 > private/cakey.pem)
# [root@nginx CA]# openssl req -new -x509 -key private/cakey.pem -out cacert.pem
# [root@nginx CA]# echo 01 >serial
# [root@nginx CA]# touch index.txt
# [root@nginx CA]# ls

# [root@nginx CA]# cd /etc/nginx/ssl/
# [root@nginx ssl]# (umask 077; openssl genrsa 1024 > nginx.key)
# [root@nginx ssl]# openssl req -new -key nginx.key -out nginx.csr
# [root@nginx ssl]# openssl ca -in nginx.csr -out nginx.crt -days 3650

        }
       
   }