因资源有限,把两个不同的项目放到了同一台服务器上:
A是一个后台管理系统,B是一个静态网站,两个项目有各自的域名和证书,现将两个项目通过nginx配置,使其能够正常访问。
说明:***即网站域名,www.***.com 与test.***.com用不同的证书,是因为,在购买证书时,最开始只购买了www的,后发现无法满足需求,于是又购买了通配符的证书。
以下为nginx配置文件:
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
tcp_nopush on; #防止网络阻塞
#keepalive_timeout 0;
keepalive_timeout 120; #长连接超时时间,单位是秒
fastcgi_send_timeout 300;
#gzip on;
server {
listen 80;
server_name test.***.com;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /common/ {
root /home/imgfile/;
autoindex on;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server{
listen 80;
server_name www.***.com;
location /{
root /home/jbWebsite; #网站根目录a
access_log on;
autoindex on;
}
}
# HTTPS server配置
#
server {
listen 443 ssl;
server_name 127.0.0.1;
ssl_certificate /usr/local/src/nginx/sslkey/_.***.com_bundle.crt;
ssl_certificate_key /usr/local/src/nginx/sslkey/x.***.com.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!aNULL:!eNULL;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
location /common/ {
root /home/imgfile/;
autoindex on;
}
}
#www.***.com配置
server {
listen 443 ssl;
server_name www.***.com;
ssl_certificate /usr/local/src/nginx/sslkey/www.***.com_bundle.crt;
ssl_certificate_key /usr/local/src/nginx/sslkey/www.***.com.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!aNULL:!eNULL;
location /{
root /home/jbWebsite; #网站根目录a
access_log on;
autoindex on;
}
}
}
