ngxin常用命令

常用命令

开启服务

# 进入nginx sbin目录
cd /usr/local/nginx/sbin/
# 启动nginx
./nginx

停止服务

停止服务：nginx停止命令stop与quit参数的区别在于stop是快速停止nginx，可能并不保存相关信息，quit是完整有序的停止nginx ，并保存相关信息。nginx启动与停止命令的效果都可以通过Windows任务管理器中的进程选项卡观察。

./nginx -s stop
./nginx -s quit

重启服务

nginx -s reload

其他命令重启、关闭nginx

ps -ef | grep nginx
#从容停止Nginx
kill -QUIT 主进程号
#快速停止Nginx
kill -TERM 主进程号
#强制停止Nginx
pkill -9 nginx
#平滑重启nginx：
kill -HUP 主进程号

检查配置文件是否有语法操作

./nginx -t
# or
./nginx -t -c /usr/local/nginx/conf/nginx.conf

注意要点

动静分离要点，必须把访问服务器的端口写成nginx监听的端口，这样才能避免跨域
配置参数说明：
nigix做反向代理
注意 :$proxy_port 与 :$server_port区别
$server_port ： nigix监听的端口
$proxy_port ： 服务器真正访问的端口

#一般情况都用这个host
proxy_set_header   Host             $host;
#获取到用户真实IP配置
proxy_set_header   X-Real-IP        $remote_addr;
proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

http请求配置

前后端分离普通配置

server {
    listen       8203;
    location / {
        root   /usr/www/validation-demo/h5-1-advance;
        index  index.html;
        try_files $uri $uri/ /index.html;
        if ($request_filename ~* .*\.(?:htm|html)$){
            add_header Cache-Control "private, no-store, no-cache, must-revalidate, proxy-revalidate";
        }
    }

     location /api/ {
        proxy_pass   http://192.168.8.10:5001/;
    }

}

增加了HTTPS的前后端分离配置

server {
  listen 443;
  server_name www.huzhihui.com;
  ssl on;
  ssl_certificate   /etc/nginx/cert/5673168_www.huzhihui.com.pem;
  ssl_certificate_key  /etc/nginx/cert/5673168_www.huzhihui.com.key;
  ssl_session_timeout 5m;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;
  location / {
    root   /alidata/view/eip-home;
    index  index.html;
    try_files $uri $uri/ /index.html;
    if ($request_filename ~* .*\.(?:htm|html)$){
      add_header Cache-Control "private, no-store, no-cache, must-revalidate, proxy-revalidate";
    }
    expires 7d;
  }
  location /api/ {
    proxy_pass  http://127.0.0.1:56000/;
  }
}
server{
  listen 80;
  server_name www.huzhihui.com;
  rewrite  ^/(.*)$ https://www.huzhihui.com/$1 permanent;
}

动静分离+负载均衡配置

upstream web_servers {  
    server localhost:8080;  
    server localhost:8081;  
}  

server {
    listen       80;
    server_name  www.huzhihui.com;

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header REMOTE-HOST $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://web_servers;
    }

    location ~.*\.(js|css)$ {
        root    /opt/static-resources;
        expires     12h;
    }

    location ~.*\.(html|jpg|jpeg|png|bmp|gif|ico|mp3|mid|wma|mp4|swf|flv|rar|zip|txt|doc|ppt|xls|pdf)$ {
        root    /opt/static-resources;
        expires     7d;
    }

    error_page  404              /404.html;

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

通用https配置

server {
    listen 443;
    server_name www.huzhihui.com;
    ssl on;
    ssl_certificate   cert-tues/214069203020278.pem;
    ssl_certificate_key  cert-tues/214069203020278.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    location / {
        proxy_pass http://127.0.0.1:9002/;
        proxy_redirect default;
        proxy_http_version 1.1;
        proxy_set_header   Host             $host;
        proxy_set_header   X-Real-IP        $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    }
}
server{
    listen 80;
    server_name www.huzhihui.com;
    rewrite  ^/(.*)$ https://server.ourtues.com/$1 permanent;
}