本文更新于2021-04-30,使用nginx 1.16,
目錄- 變數
- 配置
- http
- http.client_max_body_size
- http.server
- http.server.client_max_body_size
- http.server.listen
- http.server.location
- http.server.location.client_max_body_size
- http.server.location.proxy_pass
- http.server.location.proxy_read_timeout
- http.server.location.proxy_set_header
- http.server.rewrite
- http.server.server_name
- http.server.ssl_certificate
- http.server.ssl_certificate_key
- http.server.ssl_ciphers
- http.server.ssl_prefer_server_ciphers
- http.server.ssl_session_cache
- http.server.ssl_session_timeout
- http.server_names_hash_bucket_size
- user
- 示例
- HTTP反向代理
- HTTPS反向代理
- WebSocket反向代理
- 重定向
變數
配置中可使用以下變數:
- $N:正則運算式匹配時與第N個分組(以“()”引起)匹配的內容,從0開始,
- $http_upgrade:Upgrade首部的值,
- $request_uri:從路徑開始的請求URI,
配置
[]引起表示可選,大寫字母需使用實際的配置值,
http
HTTP,
http {
}
http.client_max_body_size
HTTP最大的物體大小,可使用k、m、g等表示大小,
http {
client_max_body_size SIZE;
}
http.server
HTTP服務,可指定多個,
http {
server {
}
}
http.server.client_max_body_size
HTTP服務最大的物體大小,可使用k、m、g等表示大小,
http {
server {
client_max_body_size SIZE;
}
}
http.server.listen
HTTP服務監聽的埠,可指定使用HTTPS(SSL),
http {
server {
listen PORT [ssl];
}
}
http.server.location
URL路徑前綴匹配規則,
http {
server {
location PATH_PATTERN {
}
}
}
http.server.location.client_max_body_size
URL路徑最大的物體大小,可使用k、m、g等表示大小,
http {
server {
location PATH_PATTERN {
client_max_body_size SIZE;
}
}
}
http.server.location.proxy_pass
反向代理請求的后端地址,
http {
server {
location PATH_PATTERN {
proxy_pass PROXY_URL;
}
}
}
PROXY_URL中可使用$request_uri,
或,假設原始請求的路徑為/PATH/SUB_PATH,PATH_PATTERN匹配/PATH,若PROXY_URL以/結尾,則代理請求的路徑為PROXY_URL/SUB_PATH;若PROXY_URL不以/結尾,則代理請求的路徑為PROXY_URL/PATH/SUB_PATH,
http.server.location.proxy_read_timeout
反向代理從后端的讀超時,可使用h、m、s等表示時長,
http {
server {
location PATH_PATTERN {
proxy_read_timeout TIMEOUT;
}
}
}
http.server.location.proxy_set_header
反向代理請求后端時的首部設定,可指定多個,
http {
server {
location PATH_PATTERN {
proxy_set_header HEADER VALUE;
}
}
}
VALUE可使用$http_upgrade,
http.server.rewrite
重定向的地址,
http {
server {
rewrite REQUEST_URI_PATTERN REDIRECT_URL [last|break|redirect|permanent];
}
}
REQUEST_URI_PATTERN進行匹配時忽略請求的方案、主機和埠,從路徑開始匹配,可使用正則運算式,
REDIRECT_URL可使用以下變數:
- $N
- $request_uri
http.server.server_name
HTTP服務的主機名,請求的Host首部匹配該值,
http {
server {
server_name HOST;
}
}
http.server.ssl_certificate
HTTPS證書PEM檔案路徑,
http {
server {
ssl_certificate CERT.PEM;
}
}
http.server.ssl_certificate_key
HTTPS證書KEY檔案路徑,
http {
server {
ssl_certificate_key CERT.KEY;
}
}
http.server.ssl_ciphers
http {
server {
ssl_ciphers HIGH:!aNULL:!MD5;
}
}
http.server.ssl_prefer_server_ciphers
http {
server {
ssl_prefer_server_ciphers on;
}
}
http.server.ssl_session_cache
http {
server {
ssl_session_cache shared:SSL:1m;
}
}
http.server.ssl_session_timeout
http {
server {
ssl_session_timeout 5m;
}
}
http.server_names_hash_bucket_size
出現類似“nginx: [emerg] could not build server_names_hash, you should increase server_names_hash_bucket_size: 32”的錯誤時,加大該值,
http {
server_names_hash_bucket_size N;
}
user
運行作業行程的作業系統用戶名,
user USER;
示例
HTTP反向代理
http {
# Other configurations...
server {
listen 80;
server_name www.myweb.com;
location / {
proxy_pass http://localhost:81;
}
}
}
HTTPS反向代理
http {
# Other configurations...
server {
listen 443 ssl;
server_name www.myweb.com;
ssl_certificate /certificate/dir/cert.pem;
ssl_certificate_key /certificate/dir/key.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://localhost:81;
}
}
}
WebSocket反向代理
http {
# Other configurations...
server {
listen 80;
server_name www.myweb.com;
location /websocket {
proxy_pass http://localhost:81/websocket;
proxy_read_timeout 1h;
proxy_set_header Connection Upgrade;
proxy_set_header Upgrade $http_upgrade;
}
}
}
重定向
http {
server {
listen 80;
server_name www.myweb.com;
rewrite .* https://www.herweb.com$request_uri;
}
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/281974.html
標籤:其他
上一篇:從0開始學游戲開發,游戲開發入門