DEV Community

drake
drake

Posted on

aws Amazon Linux 2 AMI安装Nginx

sudo amazon-linux-extras install nginx1
Enter fullscreen mode Exit fullscreen mode
  • 2、检查是否安装成功:
nginx -v
Enter fullscreen mode Exit fullscreen mode

该输出,怎说明成功安装
Image description

  • 3、修改配置文件/etc/nginx/nginx.conf为下面内容:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;

    server {
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        error_page 404 /404.html;
        location = /404.html {
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        }
    }
}


Enter fullscreen mode Exit fullscreen mode
  • 4、新建配置文件 /etc/nginx/conf.d/default.conf

  • 5、在 /etc/nginx/conf.d/default.conf 编辑Nginx配置信息:

    需要注意,生成证书的时候如果域名用的是*.siquanzhuanxiang.top,那么下面的 server_name 就得用 www.siquanzhuanxiang.top 或者 *.siquanzhuanxiang.top

server {
    listen 443 ssl;
    server_name www.siquanzhuanxiang.top;

    ssl_certificate      /etc/nginx/tls/fullchain.pem;
    ssl_certificate_key  /etc/nginx/tls/key.pem;

    root         /usr/share/nginx/html;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    error_page 404 /404.html;
    location = /404.html {
    }

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    }
    location / {
        # 保留代理之前的host 包含客户端真实的域名和端口号
        proxy_set_header    Host  $host;
        # 保留代理之前的真实客户端ip
        proxy_set_header    X-Real-IP  $remote_addr;
        # 这个Header和X-Real-IP类似,但它在多级代理时会包含真实客户端及中间每个代理服务器的IP
        proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
        # 表示客户端真实的协议(http还是https)
        proxy_set_header X-Forwarded-Proto $scheme;
        # 指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值
        # 如果使用"default"参数,将根据location和proxy_pass参数的设置来决定。
        # proxy_redirect [ default|off|redirect replacement ];
        proxy_redirect off;
        proxy_pass http://localhost:83;
    }
    location /lark {
        # 保留代理之前的host 包含客户端真实的域名和端口号
        proxy_set_header    Host  $host;
        # 保留代理之前的真实客户端ip
        proxy_set_header    X-Real-IP  $remote_addr;
        # 这个Header和X-Real-IP类似,但它在多级代理时会包含真实客户端及中间每个代理服务器的IP
        proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
        # 表示客户端真实的协议(http还是https)
        proxy_set_header X-Forwarded-Proto $scheme;
        # 指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值
        # 如果使用"default"参数,将根据location和proxy_pass参数的设置来决定。
        # proxy_redirect [ default|off|redirect replacement ];
        proxy_redirect off;
        proxy_pass http://localhost:84;
    }
}
Enter fullscreen mode Exit fullscreen mode
  • 6、设置开机启动:
sudo chkconfig nginx on
Enter fullscreen mode Exit fullscreen mode
  • 7、使Nginx有权限调用证书
sudo chown nginx /etc/nginx/tls/fullchain.pem /etc/nginx/tls/key.pem
Enter fullscreen mode Exit fullscreen mode
  • 8、启动Nginx服务
sudo service nginx start
Enter fullscreen mode Exit fullscreen mode
  • 9、为确保万无一失,热加载,刷新配置:
sudo nginx -s reload
Enter fullscreen mode Exit fullscreen mode

Top comments (0)