nginx配置多个域名, http https共用配置

https://www.cnblogs.com/dayq/p/17488471.html

0. user

groupadd nginx
useradd nginx -g nginx

mkdir /var/www/nginx
chown -R nginx:nginx /var/log/nginx/*

1. nginx

vim /usr/local/openresty/nginx/conf/nginx.conf

域名 s1.com *.s1.com 建议分开写两个?

如果需要多个域名共用端口则复制多个

增加回源地址 Proxy: “$proxy_host” “$upstream_addr”

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

......

http {
	log_format  main  '$fmt_localtime $request_time $server_addr $server_port $remote_addr $remote_port $status $body_bytes_sent $request_method $server_protocol'
			  ' "$host" "$uri" "$query_string" "$http_referer" "$http_user_agent" "$ssl_protocol" "$ssl_cipher" "-" "$remote_user" "$http_x_forwarded_for"'
			  ' Proxy: $upstream_response_time $proxy_host $upstream_addr $upstream_status $upstream_response_length';
	access_log  /var/log/nginx/access.log  main;

	map $host $fmt_localtime {
		default '';
	}
	log_by_lua_block {
		ngx.var.fmt_localtime = ngx.localtime();
	}

	sendfile      on;
	tcp_nopush        on;
	tcp_nodelay       on;
	keepalive_timeout 65;
	types_hash_max_size   4096;
	#gzip  on;


	include       mime.types;
	default_type  application/octet-stream;


	server {
		listen  80;
		listen  443 ssl;
		server_name s1.com;

		ssl_certificate       /var/www/s1.com.pem;
		ssl_certificate_key   /var/www/s1.com.key;

		client_max_body_size 200m;

		proxy_http_version 1.1;
		proxy_set_header Connection "";
		proxy_set_header Host $http_host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_buffering off

		location / {
			proxy_pass https://192.168.1.11:11;
		}

		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   html;
		}
	}

	server {
		listen  80;
		listen  443 ssl;
		server_name *.s1.com;

		ssl_certificate       /var/www/s1.com.pem;
		ssl_certificate_key   /var/www/s1.com.key;

		client_max_body_size 200m;

		proxy_http_version 1.1;
		proxy_set_header Connection "";
		proxy_set_header Host $http_host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_buffering off

		location / {
			proxy_pass https://192.168.1.11:11;
		}

		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   html;
		}
	}



	server {
		listen  80;
		listen  443 ssl;
		server_name s2.com;

		ssl_certificate       /var/www/s2.com.pem;
		ssl_certificate_key   /var/www/s2.com.key;

		client_max_body_size 200m;

		proxy_http_version 1.1;
		proxy_set_header Connection "";
		proxy_set_header Host $http_host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_buffering off

		location / {
			proxy_pass https://192.168.2.22:22;
		}

		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   html;
		}
	}

	server {
		listen  80;
		listen  443 ssl;
		server_name *.s2.com;

		ssl_certificate       /var/www/s2.com.pem;
		ssl_certificate_key   /var/www/s2.com.key;

		client_max_body_size 200m;

		proxy_http_version 1.1;
		proxy_set_header Connection "";
		proxy_set_header Host $http_host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_buffering off

		location / {
			proxy_pass https://192.168.2.22:22;
		}

		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   html;
		}
	}
}

2. log 配置

vim /etc/logrotate.d/nginx

/var/log/nginx/*.log {
    create 0640 nginx root
    weekly
    rotate 100
    missingok
    notifempty
    delaycompress
    sharedscripts
    postrotate
        /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
    endscript
}

kk Blog —— 通用基础

date [-d @int|str] [+%s|"+%F %T"]
netstat -ltunp
sar -n DEV 1

nginx配置多个域名, http https共用配置

0. user

1. nginx

2. log 配置