kk Blog —— 通用基础


date [-d @int|str] [+%s|"+%F %T"]
netstat -ltunp
sar -n DEV 1

nginx配置多个域名, http https共用配置

https://www.cnblogs.com/dayq/p/17488471.html

0. user

1
2
3
4
5
groupadd nginx
useradd nginx -g nginx

mkdir /var/www/nginx
chown -R nginx:nginx /var/log/nginx/*

1. nginx

vim /usr/local/openresty/nginx/conf/nginx.conf

域名 s1.com *.s1.com 建议分开写两个?

如果需要多个域名共用端口则复制多个

增加回源地址 Proxy: “$proxy_host” “$upstream_addr”

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

......

http {
	log_format  main  '$fmt_localtime $request_time $server_addr $server_port $remote_addr $remote_port $status $body_bytes_sent $request_method $server_protocol'
			  ' "$host" "$uri" "$query_string" "$http_referer" "$http_user_agent" "$ssl_protocol" "$ssl_cipher" "-" "$remote_user" "$http_x_forwarded_for"'
			  ' Proxy: $upstream_response_time $proxy_host $upstream_addr $upstream_status $upstream_response_length';
	access_log  /var/log/nginx/access.log  main;

	map $host $fmt_localtime {
		default '';
	}
	log_by_lua_block {
		ngx.var.fmt_localtime = ngx.localtime();
	}

	sendfile      on;
	tcp_nopush        on;
	tcp_nodelay       on;
	keepalive_timeout 65;
	types_hash_max_size   4096;
	#gzip  on;


	include       mime.types;
	default_type  application/octet-stream;


	server {
		listen  80;
		listen  443 ssl;
		server_name s1.com;

		ssl_certificate       /var/www/s1.com.pem;
		ssl_certificate_key   /var/www/s1.com.key;

		client_max_body_size 200m;

		proxy_http_version 1.1;
		proxy_set_header Connection "";
		proxy_set_header Host $http_host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_buffering off

		location / {
			proxy_pass https://192.168.1.11:11;
		}

		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   html;
		}
	}

	server {
		listen  80;
		listen  443 ssl;
		server_name *.s1.com;

		ssl_certificate       /var/www/s1.com.pem;
		ssl_certificate_key   /var/www/s1.com.key;

		client_max_body_size 200m;

		proxy_http_version 1.1;
		proxy_set_header Connection "";
		proxy_set_header Host $http_host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_buffering off

		location / {
			proxy_pass https://192.168.1.11:11;
		}

		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   html;
		}
	}



	server {
		listen  80;
		listen  443 ssl;
		server_name s2.com;

		ssl_certificate       /var/www/s2.com.pem;
		ssl_certificate_key   /var/www/s2.com.key;

		client_max_body_size 200m;

		proxy_http_version 1.1;
		proxy_set_header Connection "";
		proxy_set_header Host $http_host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_buffering off

		location / {
			proxy_pass https://192.168.2.22:22;
		}

		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   html;
		}
	}

	server {
		listen  80;
		listen  443 ssl;
		server_name *.s2.com;

		ssl_certificate       /var/www/s2.com.pem;
		ssl_certificate_key   /var/www/s2.com.key;

		client_max_body_size 200m;

		proxy_http_version 1.1;
		proxy_set_header Connection "";
		proxy_set_header Host $http_host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_buffering off

		location / {
			proxy_pass https://192.168.2.22:22;
		}

		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   html;
		}
	}
}

2. log 配置

vim /etc/logrotate.d/nginx

1
2
3
4
5
6
7
8
9
10
11
12
/var/log/nginx/*.log {
    create 0640 nginx root
    weekly
    rotate 100
    missingok
    notifempty
    delaycompress
    sharedscripts
    postrotate
        /bin/kill -USR1 `cat /run/nginx.pid 2>/dev/null` 2>/dev/null || true
    endscript
}

tools, nginx

« Ajax使用FormData上传文件 php ci 数据缓存 »