original
https://mp.weixin.qq.com/s/zFEk7XzHj3xPReDXEnQxcQ
https://nginxconfig.io/
Nginx as a lightweight HTTP server, compared to Apache advantage is more obvious in the performance of its small footprint, can support more concurrent connections higher, so as to improve access efficiency; functionally it is a very good proxy server and load balancing servers; it is on the installation configuration installation, configuration are relatively simple.
About Nginx deployment, configuration article number has been posted much public:
Nginx HTTP server service introduction continued
Nginx optimized configuration in detail
Nginx version of one minute to get a smooth upgrade and rollback
Ultimate Guide: 12 Tips to improve the hardness of Nginx server
High-volume, high-load scenarios Nginx + Linux Performance Tuning
ELK log analysis Nginx using the actual production (HD multi-map)
Many articles, one by one is no longer listed, interested, in need can go to the public to find relevant articles by number search function.
For a detailed explanation of some configuration of Nginx, before also wrote articles related to:
Nginx optimized configuration in detail
But in the actual configuration of the production environment, often encountered certainly need to modify, increase or re-issue Nginx configuration, sometimes the demand is diverse, minor changes often happens, some of that mistake, especially in annoying cable.
Based on the above reasons, certainly many readers partners often collect some configuration files, or computer also keeps some of their daily common configuration case, but after all, is not very convenient. Today, migrant workers brother to introduce a "super cattle breaking artifact" can be configured to generate a key line of Nginx.
URL: https: //nginxconfig.io/
NGINX Config supports HTTP, HTTPS, PHP, Python, Node.js, WordPress, Drupal, caching, reverse proxy, logs and other configuration options. Nginx Web server generates configuration files online.
Operating configuration is also very simple, you need to do only 2 steps:
-
Open official website
-
Configuration parameters on demand
The system will automatically generate a specific profile. While the interface is in English, but the page functions do very intuitive, resulting Nginx format specification.
After a rough landing interface is as follows:
Case
配置域名:mingongge.com 实现用户访问*.mingongge.com 域名时会自动跳转到 mingongge.com 此配置,并且开启http强制跳转到https的配置。
这时,Nginx的配置就会实时自动生成在下面,我把生成的配置复制过来,如下:
/etc/nginx/sites-available/mingongge.com.conf#文件名都给你按规则配置好了
server {
listen 443 ssl http2;
server_name mingongge.com;
# SSL
ssl_certificate /etc/letsencrypt/live/mingongge.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mingongge.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mingongge.com/chain.pem;
# security
include nginxconfig.io/security.conf;
# additional config
include nginxconfig.io/general.conf;
}
# subdomains redirect
server {
listen 443 ssl http2;
server_name *.mingongge.com;
# SSL
ssl_certificate /etc/letsencrypt/live/mingongge.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mingongge.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mingongge.com/chain.pem;
return 301 https://mingongge.com$request_uri;
}
# HTTP redirect
server {
listen 80;
server_name .mingongge.com;
include nginxconfig.io/letsencrypt.conf;
location / {
return 301 https://mingongge.com$request_uri;
}
}
非常的方便与快速。
官方还提供一些Nginx的基础优化配置,如下:
/etc/nginx/nginx.conf
# Generated by nginxconfig.io
user www-data;
pid /run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;
events {
multi_accept on;
worker_connections 65535;
}
http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
log_not_found off;
types_hash_max_size 2048;
client_max_body_size 16M;
# MIME
include mime.types;
default_type application/octet-stream;
# logging
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;
# load configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}还有基于安全的配置,如下:
/etc/nginx/nginxconfig.io/security.conf
# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
# . files
location ~ /\.(?!well-known) {
deny all;
}都相当于是提供一些基础的模板配置,可以根据自己的实际需求去修改。
有了这个神器在手,再也不用为配置Nginx的各类配置而烦恼了!!民工哥也不敢私藏这么好的神器在手里,今天给大家分享一下,感觉有帮助的读者朋友们记得转发分享出去哦,感谢支持!!!