Nginx新增域名或修改配置文件时,不要直接修改默认的配置文件000-default,因为使用WIDE工具更新nginx时会把你的修改覆盖掉;如果需要新增域名请按如下操作:
1. 拷贝配置文件(test.wware.org设置成你要添加的域名,以便区分配置文件)
cp /usr/local/nginx/conf/sites-available/000-default /usr/local/nginx/conf/sites-available/test.wware.org将server_name 指令后面指定的域名修改为你要添加的域名
内容编辑 :
#### -*-mode: nginx; mode: flyspell-prog; ispell-local-dictionary: "american" -*-
### Block all illegal host headers. Taken from a discussion on nginx
### forums. Cf. http://forum.nginx.org/read.php?2,3482,3518 following
### a suggestion by Maxim Dounin. Also suggested in
### http://nginx.org/en/docs/http/request_processing.html#how_to_prevent_undefined_server_names.
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
###在自己扩展的站点配置中,复制下行,并添加对应的映射项,例如从api.XXX.XXX到www.XXX.XXXX。
map $host $upstream_host {
default $host;
# api.example.com www.example.com;
}
# caching options
proxy_cache_path /home/httpd/cache/nginx levels=1:2 keys_zone=wware-cache:8m max_size=1000m inactive=600m;
proxy_temp_path /home/httpd/cache/tmp;
server {
large_client_header_buffers 4 32k;
listen 80 default_server deferred; # IPv4
#error_log /var/log/nginx/error_debug.log debug;
#error_log /var/log/nginx/error.log;
#access_log /var/log/nginx/access.$http_host.log;
#we put all log in access.log, so we can monitor it in wide.
access_log /var/log/nginx/access.log;
#301 redirect if http_host is a main domain(i.e:wware.org)
#abandoned solution of not starting with www: (if ($http_host !~* ^www\.){
if ($http_host ~* ^[a-zA-Z0-9-_]+\.\w+$) {
return 301 $scheme://www.$http_host$request_uri;
}
## Socket options can only be specified once, hence the different
## address for the 'default' server.
# listen [fe80::202:b3ff:fe1e:8328]:80 default_server ipv6only=on; # IPv6
#root /home/httpd/www/$http_host;
root /home/httpd/data/fs/static/$host;
#Specify a charset
charset utf-8;
index index.html index.htm;
#server_name $http_host;
server_name _;
## See the blacklist.conf file at the parent dir: /etc/nginx.
## Deny access based on the User-Agent header.
if ($bad_bot) {
return 444;
}
## Deny access based on the Referer header.
if ($bad_referer) {
return 444;
}
## Protection against illegal HTTP methods. Out of the box only HEAD,
## GET and POST are allowed.
if ($not_allowed_method) {
return 405;
}
## If you're using a Nginx version greater or equal to 1.1.4 then
## you can use keep alive connections to the upstream be it
## FastCGI or Apache. If that's not the case comment out the line below.
#fastcgi_keep_conn on; # keep alive to the FCGI upstream
## @FIXME: shall we redirect error page to nodejs for more sophisticated processing???
error_page 500 502 503 504 /500.html;
error_page 404 /404.html;
################################################################
### Configuration for pagespeed.
################################################################
include apps/pagespeed.conf;
################################################################
### Configuration for standard WWARE.
################################################################
include apps/wware.conf;
location /http-bind {
log_not_found off;
access_log off;
proxy_buffering off;
gzip_static on;
gzip_vary on;
tcp_nodelay on;
keepalive_timeout 55;
proxy_pass http://127.0.0.1:7070;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-URL $request_uri;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
location = /favicon.ico {
log_not_found off;
access_log off;
gzip_static on;
gzip_vary on;
expires 30d;
add_header Cache-Control "public, must-revalidate, post-check=0, pre-check=0";
}
## Including the Nginx stub status page for having stats about
## Nginx activity: http://wiki.nginx.org/HttpStubStatusModule.
include nginx_status_vhost.conf;
}
修改完配置文件后,重启服务
bash /home/httpd/wware/tools/restartserver.sh
1)开启http2,只需要在listen指令后添加http2字符即可:
listen 443 ssl http2;
# nginx的nginx-upload-module模块目前不支持http2,所以网站如果使用nginx-upload-module模块的需要先禁用http2.2)使http访问自动跳转到https访问
server {
listen 80;
server_name domain.com;
return 301 https://$http_host$request_uri;
}