nginx Installation

fastbee, September 27, 2024, about 2 minutes

Installing on the operating system

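Plenty of tutorials and documents already cover this, and Windows and Linux each have their own installation methods, so they are not described here. This page focuses on installing with Docker.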

Installing with Docker

Tip

Before running the container, if no bridge network exists yet, create one for inter-container communication: docker network create -d bridge fastbee-bridge

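  1. Run the following command to install nginx. Once it is installed, build the front end and upload the contents of the dist folder to the /var/data/nginx/vue directory.
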
docker run \
--name nginx \
--volume /var/data/nginx/vue:/usr/share/nginx/html \
--publish 80:80 \
--publish 443:443 \
--network fastbee-bridge \
--restart unless-stopped \
--detach \
nginx:stable

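The command above runs the container in bridge network mode, so the corresponding ports (80, 443 and so on) must be published. Alternatively, use the command below, which runs the container in host network mode so that it shares the host's network settings. Host mode can introduce security risks: if the container itself has a vulnerability, it is more exposed to attack.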

docker run \
--name nginx \
--net=host \
--volume /var/data/nginx:/usr/share/nginx \
--volume /var/data/nginx/nginx.conf:/etc/nginx/nginx.conf \
--volume /var/data/nginx/log:/var/log/nginx \
--restart unless-stopped \
--detach \
nginx:stable

  2. Enter the container by running: docker exec -it nginx /bin/sh

  3. Modify the configuration file: paste the following directly into the shell and run it. The final exit leaves the container.

tee /etc/nginx/nginx.conf <<-'EOF'
worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    client_max_body_size 10m;

    gzip on;
    gzip_min_length  1k;
    gzip_buffers     16 64K;
    gzip_http_version 1.1;
    gzip_comp_level 5;
    gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
    gzip_vary on;
    gzip_proxied   expired no-cache no-store private auth;
    gzip_disable   "MSIE [1-6]\.";

    # Redirect HTTP to HTTPS
    # server {
    #     listen 80;
    #     server_name localhost;
    #     location / {
    #         rewrite ^(.*) https://$server_name$1 permanent;
    #     }
    # }

    server {
        listen      80;

        # The default SSL port is 443
        listen 443 ssl;
        server_name  localhost;
        charset utf-8;

        # Path to the certificate file
        ssl_certificate /usr/share/nginx/ssl/fastbee.crt;
        # Path to the private key file
        ssl_certificate_key /usr/share/nginx/ssl/fastbee.key;
        ssl_session_timeout 10m;
        # Configure the protocols as follows
        ssl_protocols TLSv1.2 TLSv1.3;
        # Configure the cipher suites as follows; the syntax follows the OpenSSL standard
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_prefer_server_ciphers on;

        # Front end
        location / {
            root   /usr/share/nginx/html;
            try_files $uri $uri/ /index.html;
            index  index.html index.htm;
        }
        # Back-end API
        location /prod-api/ {
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_pass http://localhost:8080/;
        }

        # Proxy wss connections to ws
        location /mqtt {
            proxy_pass http://localhost:8083/mqtt;
            proxy_read_timeout 60s;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-for $remote_addr;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'Upgrade';
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}
EOF
exit

  4. Restart the container so the configuration takes effect: docker restart nginx
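
As an added example (not part of the original page or the FastBee project), the script below audits an nginx.conf like the one in step 3 before the restart in step 4: it flags TLS protocols other than the TLSv1.2 and TLSv1.3 the page configures, and a port 80 listener with no active redirect to HTTPS, which is the state of the config above while its redirect block stays commented out. The function name audit_nginx_conf and the embedded sample config are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an nginx.conf before "docker restart nginx".
# audit_nginx_conf is a hypothetical helper; it prints one finding per line
# and prints nothing when the checks pass.
audit_nginx_conf() {
    # Drop comments so commented-out directives are ignored (simplification:
    # assumes no '#' inside quoted strings, as in the config on this page).
    active=$(sed 's/#.*$//' "$1")

    # TLS listeners: only TLSv1.2 and TLSv1.3 should be enabled.
    if printf '%s\n' "$active" | grep -Eq '^[[:space:]]*listen[[:space:]].*ssl'; then
        protos=$(printf '%s\n' "$active" |
            sed -n 's/^[[:space:]]*ssl_protocols[[:space:]]\{1,\}\([^;]*\);.*/\1/p')
        [ -n "$protos" ] || echo "ssl_protocols not set: default depends on nginx version"
        for p in $protos; do
            case $p in
                TLSv1.2|TLSv1.3) ;;
                *) echo "legacy protocol enabled: $p" ;;
            esac
        done
    fi

    # A port 80 listener with no active redirect serves content over plain HTTP.
    if printf '%s\n' "$active" | grep -Eq '^[[:space:]]*listen[[:space:]]+80[[:space:];]' &&
        ! printf '%s\n' "$active" | grep -Eq '(rewrite|return)[[:space:]].*https://'; then
        echo "port 80 serves content without an https redirect"
    fi
    return 0
}

# Constructed sample, abridged from the page's config (redirect commented out).
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
http {
    # server { listen 80; location / { rewrite ^(.*) https://$server_name$1 permanent; } }
    server {
        listen      80;
        listen 443 ssl;
        ssl_protocols TLSv1.2 TLSv1.3;
        location / { root /usr/share/nginx/html; }
    }
}
EOF
audit_nginx_conf "$sample"
```

With the host-mode command above, the config is bind-mounted from /var/data/nginx/nginx.conf, so the audit can run on the host against that file; docker exec nginx nginx -t additionally checks the syntax before the restart.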