使用nginx
可參考此篇安裝
http://blog.hellojcc.tw/2015/12/07/nginx-beginner-tutorial/
重啟指令
sudo nginx -s stop && sudo nginx在Linux ubuntu 下的default webpage 路徑為
var/www/html或
/usr/share/nginx/htmlnginx的config 檔案路徑
會先經過 nginx.conf 之後才會去 sites-available/default
https://stackoverflow.com/a/43644053/4622645
/etc/nginx/nginx.conf
/etc/nginx/sites-available/default使用reverse proxy
location / {
proxy_pass http://localhost:3000;
}讓domain.com www.domain.com都導向https
完整範例:
server {
listen 80;
server_name test.com www.test.com;
rewrite ^/(.*) https://test.com/$1 permanent;
}
server {
server_name test.com;
listen 443;
ssl on;
ssl_certificate /usr/share/nginx/sslcrt/bundle.crt;
ssl_certificate_key /usr/share/nginx/sslcrt/private.key;
location / {
proxy_pass http://localhost:3000;
}}設定靜態目錄
server {
listen 80 default_server;
listen [::]:80 default_server;
root /home/test/getuserInfo/front-end/build;
index index.html index.htm index.nginx-debian.html; # 預設會先連到這些檔案
server_name _;
}websocket有問題
加入以下配置
location / {
...
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}注意事項
使用AWS或其他VPS記得開防火牆的inbound記得開443PORT設置可參考一篇不錯的文章 https://www.linode.com/docs/websites/nginx/how-to-configure-nginx#start-stop-reload
有關使用cloudflare與nginx配置之SSL可參考web_Basic之cloudflare章節
配置GZIP
https://www.digitalocean.com/community/tutorials/how-to-add-the-gzip-module-to-nginx-on-ubuntu-14-04
http://www.cnblogs.com/zfying/archive/2012/07/07/2580876.html
配置Request Limit
https://www.nginx.com/blog/rate-limiting-nginx/
EX:
limit_req_zone $binary_remote_addr zone=req_zone:10m rate=5r/s;
server {
listen 443;
server_name api.example.com;
gzip on;
ssl on;
ssl_certificate sites-available/c.pem;
ssl_certificate_key sites-available/c.key;
underscores_in_headers on;
location / {
limit_req zone=req_zone burst=10 nodelay;
proxy_pass http://localhost:3001;
}
}記得要加上 burst (幾秒內的容許值) 與 nodelay (同時發送請求時一起執行),不然會使用平均秒數法自動幫你計算,只發兩個請求卻超過上面設置的 5r/s,產生 Nginx 503 error。
limit_req zone=.. burst=5 nodelay;
配置Load Balance
http {
upstream cluster {
server 127.0.0.1:3000;
server 127.0.0.1:3001;
server 127.0.0.1:3002;
server 127.0.0.1:3003;
}
server {
listen 80;
server_name www.domain.com;
location / {
proxy_pass http://cluster;
}
}
}可能錯誤
1.Nginx fails to stop and nginx.pid is missing
解決方法
ps -ef |grep nginx
會顯示如下
www-data 16751 1 0 Jun19 ? 00:00:07 nginx: worker process
然後
sudo kill -9 16751
重啟
sudo nginxEXAMPLE 1: (WEB)
server {
listen 80;
server_name sakatu.com;
rewrite ^/(.*) https://rent.sakatu.com/$1 permanent;
}
server {
listen 80;
server_name rent.sakatu.com;
rewrite ^/(.*) https://rent.sakatu.com/$1 permanent;
}
server {
listen 80;
server_name www.sakatu.com;
rewrite ^/(.*) https://sakatu.com permanent;
}
server {
server_name rent.sakatu.com;
listen 443;
root /home/ubuntu/sharehandi_web/build;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
include /etc/nginx/mime.types;
ssl on;
ssl_certificate /usr/share/nginx/sslcrt/cert.pem;
ssl_certificate_key /usr/share/nginx/sslcrt/private.key;
location / {
try_files $uri /index.html;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
location /google7d69523ad2a54000.html{
try_files /../../googlesearch/google7d69523ad2a54000.html /test.html;
}
location /sitemap.txt {
try_files /../../sitemap.txt /test.html;
}
}
server {
listen 443;
server_name chat.sakatu.com;
location / {
proxy_pass http://localhost:3005;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
}EXAMPLE 2: (API)
limit_req_zone $binary_remote_addr zone=req_zone:10m rate=5r/s;
server {
listen 443;
server_name api.sakatu.com;
gzip on;
ssl on;
ssl_certificate sites-available/c.pem;
ssl_certificate_key sites-available/c.key;
underscores_in_headers on;
location / {
limit_req zone=req_zone burst=10 nodelay;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
proxy_pass http://localhost:3001;
}
}讀取index.html
server {
listen 80 default;
root /home/yichengww/build;
location / {
try_files $uri /index.html;
}
}記得root不可寫
~
配置優化
優化 production 部署的 server 效率
https://imququ.com/post/my-nginx-conf-for-wpo.html
注意事項
1.有時如果以下指令出現"nginx.pid" failed
nginx -s reload可替換為
sudo service nginx restart2.nginx: [emerg] open() "/usr/local/Cellar/nginx/1.15.0/logs/error.log" failed (2: No such file or directory)
可以創建一個error.log檔案即可
mkdir /usr/local/Cellar/nginx/1.15.0/logs && echo > error.log3.nginx: [emerg] bind() to 0.0.0.0:82 failed (13: Permission denied)
使用sudo nginx 即可Last updated
Was this helpful?