1, 基础配置:
# For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; # Load dynamic modules. See /usr/share/nginx/README.dynamic. include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; # ********************************************* www.junlenet.com ********************************************************** server { listen 80; server_name www.junlenet.com; location / { #root html; #index index.html index.htm; proxy_pass http://localhost:8080/home/; #带上/ proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 443 ssl; server_name www.junlenet.com; ssl_certificate ****.crt; ssl_certificate_key ****.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { #root html; #index index.html index.htm; proxy_pass http://localhost:8080/home/; #带上/ proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } # Settings for a TLS enabled server. # # server { # listen 443 ssl http2 default_server; # listen [::]:443 ssl http2 default_server; # server_name _; # root /usr/share/nginx/html; # # ssl_certificate "/etc/pki/nginx/server.crt"; # ssl_certificate_key "/etc/pki/nginx/private/server.key"; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 10m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # # # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # # location / { # } # # error_page 404 /404.html; # location = /40x.html { # } # # error_page 500 502 503 504 /50x.html; # location = /50x.html { # } # } }
2, 相关命令:
centos7:
systemctl status nginx //查看状态
systemctl start nginx //启动, stop:停止, restart reload 重启
防火墙:
systemctl stop firewalld.service // start, restart
firewall-cmd --state #查看默认防火墙状态(关闭后显示notrunning,开启后显示running)
centos6 :
service nginx start // stop, reload,restart
注意:
阿里云,腾讯云 有安全组,记得去配置端口号,否则你就被玩坑了....
3,一个tomcat下多个项目, 再加nginx, session失效问题.
首先查看浏览器请求headers数据,发现每次JSESSIONID都会变. 说明session有问题.
配置tomcat server.xml context 添加 sessionCookiePath="/"
如果不行则再配置nginx:
如下面的例子:
server_name www.junlenet.com; charset utf-8; root /opt/apache-tomcat-7.0.53/webapps/demo/; location / { proxy_pass http://127.0.0.1:8180/demo/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; add_header From www.junlenet.org; proxy_cookie_path /demo/ /; proxy_set_header Cookie $http_cookie; }
配置允许跨域:
在location加入:
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true';
怎么找到nginx?
cd /usr/local/nginx/sbin
./nginx #运行; 运行上面那些命令无法启动时,可以使用这个启动.
./nginx -s reload #重启