Tomato Blog
Nginx配置
smartpotato 元婴
  2025-05-08   2025-05-08    398 字  2 分钟  
本文距离上次更新已过去 0 天,部分内容可能已经过时,请注意甄别。

Nginx配置

添加SSL模块

1
2
3
错误信息:

nginx: [emerg] the “ssl” parameter requires ngx_http_ssl_module in /usr/local/nginx/conf/nginx.conf:37

切换到源码包:

1
cd /usr/local/src/nginx-1.11.3

查看nginx原有的模块

1
/usr/local/nginx/sbin/nginx -V

在configure arguments:后面显示的原有的configure参数如下:

1
–prefix=/usr/local/nginx --with-http_stub_status_module

那么我们的新配置信息就应该这样写:

1
./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module

运行上面的命令即可,等配置完

配置完成后,运行命令

1
make

这里不要进行make install,否则就是覆盖安装

然后备份原有已安装好的nginx

1
cp /usr/local/nginx/sbin/nginx /usr/local/nginx/sbin/nginx.bak

然后将刚刚编译好的nginx覆盖掉原有的nginx(这个时候nginx要停止状态)

1
cp ./objs/nginx /usr/local/nginx/sbin/

然后启动nginx,仍可以通过命令查看是否已经加入成功

1
/usr/local/nginx/sbin/nginx -V

http反向代理

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
	

    # another virtual host using mix of IP-, name-, and port-based configuration
   
    server {
        listen       80;
        server_name  150.158.25.125;
        location / {
				 proxy_set_header X-Forwarded-For$proxy_add_x_forwarded_for;
                 proxy_set_header Host $http_host;
                 proxy_redirect off;
                 proxy_pass http://127.0.0.1:5212;
				}
	}
}

https反向代理

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
		#listen 80 default backlog=2048;
        listen       443 ssl;
        server_name  150.158.25.125;

        ssl_certificate      /usr/local/nginx/conf/crt/server.crt;
        ssl_certificate_key  /usr/local/nginx/conf/crt/server.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            proxy_pass http://127.0.0.1:5212;
        }
    }

}

 打赏作者