ngxin 转发本机8080端口至域名,强制使用https协议

1.阿里云服务器部署nginx 直接yum装,这里重点突出配置文件。(修改/etc/nginx/nginx.conf)

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    
    
    worker_connections  1024;
}


http {
    
    
    include       mime.types;
    default_type  application/octet-stream;
    fastcgi_buffers 8 16k;
    fastcgi_buffer_size 32k;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

2创建代理文件夹 (mkdir /etc/nginx/conf.d)并配置代理文件

    #
    upstream   代理的域名 {
    
    
        server 127.0.0.1:8080;
        keepalive 64;
    }


      
        server {
    
    
                listen 80;
                #listen [::]:80;
                listen 443 ssl http2;
                #listen [::]:443 ssl;
                server_name 代理的域名.com www.代理的域名.com
                ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
                ssl_certificate  /etc/nginx/ssl/生成的证书.pem;
                ssl_certificate_key   /etc/nginx/ssl/生成的证书.key;

        if ($scheme = http) {
    
    
            rewrite ^(.*)$ https://$host$request_uri permanent;
        }



               location   / {
    
    
                 proxy_ignore_client_abort on;
                 proxy_next_upstream http_500 http_502  http_503 http_504  error timeout invalid_header;
                 proxy_http_version 1.1;
                 proxy_set_header Connection "";
                 proxy_set_header Host $host;
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                 proxy_set_header X-Real-IP $remote_addr;
                 proxy_send_timeout 18000s;
                 proxy_read_timeout 18000s;
                 proxy_pass http://127.0.0.1:8080;
                # logging
                access_log /var/log/nginx/代理的域名.access.log main;
                error_log /var/log/nginx/**代理的域名**.error.log warn;
                        }

       location ^~ /.well-known/ {
    
    
                root /var/www/example;
            }


        }

3.校验并重载nginx
nginx -t (没有error)
nginx -s reload

4.阿里云免费证书参考:
https://freesion.com/article/21531295842/
其他免费证书参考:
https://blog.csdn.net/qq_48804275/article/details/127680805

猜你喜欢

转载自blog.csdn.net/Chen118222/article/details/128705840
今日推荐