stilleshan
/
nginx
mirror of https://github.com/stilleshan/nginx.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create configuration files

This commit is contained in:
Stille 2020-03-27 13:43:08 +08:00
parent ef58c55237
commit 8f3f9d43ab
6 changed files with 200 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
conf/nginx.conf Normal file
View File

@ -0,0 +1,33 @@
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/conf.d/vhost/*.conf;
}

11
html/index.html Normal file
View File

@ -0,0 +1,11 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
</head>
<body>
Hello World
</body>
</html>

15
ssl/none.cer Normal file
View File

@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICSTCCAbICCQD47xY1QEIxDzANBgkqhkiG9w0BAQsFADBpMQswCQYDVQQGEwJD
TjEQMA4GA1UECAwHQkVJSklORzEQMA4GA1UEBwwHQkVJSklORzEVMBMGA1UECgwM
QkVJSklORyBURVNUMQswCQYDVQQLDAJJVDESMBAGA1UEAwwJMTI3LjAuMC4xMB4X
DTIwMDExNzE1MjE0M1oXDTMwMDExNDE1MjE0M1owaTELMAkGA1UEBhMCQ04xEDAO
BgNVBAgMB0JFSUpJTkcxEDAOBgNVBAcMB0JFSUpJTkcxFTATBgNVBAoMDEJFSUpJ
TkcgVEVTVDELMAkGA1UECwwCSVQxEjAQBgNVBAMMCTEyNy4wLjAuMTCBnzANBgkq
hkiG9w0BAQEFAAOBjQAwgYkCgYEAxhuEv/c7Qu7VzxD6ZYbIA56FpKNFHFkDG6oq
87MgHlkb7tcEnV1ZjE+Glfi89tZTgISOByRp5/lBK9fw2PNGcIV5HKYmum4UXCEo
OJExZR97bFBSPyh07eDCDdXW5Ri//9K5JJvp+R2oSVMEomBedczbfD0vCYlDpX3x
rzW09FkCAwEAATANBgkqhkiG9w0BAQsFAAOBgQDBK4vUAmGzvkD6ISJEumv6r7UG
EyuvRTQlZbpsrJDnIMtFdPtHliigZ8MzBUHfozQimYM7v+kzuCQGNgzo35KYhudS
RR6NqEsAJJEtZpaQQscVhvryw/nV72FVFnVSgEbatYApRFPDCX81sfYJ023XpLdN
x6GFQZmQyBnXRrmhOg==
-----END CERTIFICATE-----

15
ssl/none.key Normal file
View File

@ -0,0 +1,15 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDGG4S/9ztC7tXPEPplhsgDnoWko0UcWQMbqirzsyAeWRvu1wSd
XVmMT4aV+Lz21lOAhI4HJGnn+UEr1/DY80ZwhXkcpia6bhRcISg4kTFlH3tsUFI/
KHTt4MIN1dblGL//0rkkm+n5HahJUwSiYF51zNt8PS8JiUOlffGvNbT0WQIDAQAB
AoGAFXryX+YstMs0v6j1nYCJu2q6zuktGy/DmIJQ+e+YMfIzhyglRfLTPNV6oFRC
GPmQQEUfKUMXgKGUIW7enId0QZow+EwTN6zQssiC2FIPOmqxDZmG8TLrDp7U9ooE
DSHlKruDGNOyeOdIpCp+XUZZxzuzYkopEpoq0xzMXcfXKmkCQQDs80DePgC+K3FR
Wli8v39ls7zvEgl9rnXz+FkD7twEqW00o8Isx4SkcPIF2hACd2gDSgJ/D2SP6MX5
qKv25T6fAkEA1gjUwRTm7zraxc1pfP2EPhYRIh0qk35KCC6+3zb2fbSPR1beC99a
Zkhv5vpOLhgi2GOBwb/Jv3Ir+i5Cty0CBwJAVvE+uQ1JGn44OyCKdN9TMI8N4S7e
GqacEyPqDZ5kTrWYI3t+8Q1YZzomI+2KeE019hb+6X5NaNyBYAT67EHbgwJBAMi8
ZZVk3iX2Y+JqAYp5VkLIfW8qPZkxM4uzE87ThKBm7I3y2bP22ZjeTR0rGpG+j0e1
I6gsELIeCULNikKz0pcCQA2LabSVrdxMysfhui1jiW4vo7m93+VwW8atO06mil/Y
SE37NiykwSp7liEJuADlgSH0codjHjKak4Ow9RhSTjA=
-----END RSA PRIVATE KEY-----

41
vhost/nginx-docker.sample.conf Normal file
View File

@ -0,0 +1,41 @@
upstream dockername {
server 127.0.0.1:8080; # 端口改为docker容器提供的端口
}
server {
listen 80;
server_name www.domain.com;
return 301 https://www.domain.com$request_uri;
}
server {
listen 443 ssl;
server_name www.domain.com;
gzip on;
ssl_certificate /etc/nginx/ssl/none.cer;
ssl_certificate_key /etc/nginx/ssl/none.key;
# access_log /var/log/nginx/dockername_access.log combined;
# error_log /var/log/nginx/dockername_error.log;
location / {
proxy_redirect off;
proxy_pass http://dockername;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
client_max_body_size 100m;
client_body_buffer_size 128k;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}

85
vhost/yourdomain.com.sample.conf Normal file
View File

@ -0,0 +1,85 @@
server
{
listen 80;
#listen [::]:80;
server_name www.yourdomain.com ;
index index.html index.htm index.php default.html default.htm default.php;
root /usr/share/nginx/html/www.yourdomain.com;
# return 301 https://www.yourdomain.com$request_uri;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log off;
}
server
{
listen 443 ssl http2;
#listen [::]:443 ssl http2;
server_name www.yourdomain.com ;
index index.html index.htm index.php default.html default.htm default.php;
root /usr/share/nginx/html/www.yourdomain.com;
# if ($host = 'yourdomain.com') {
# return 301 https://www.yourdomain.com$request_uri;
# }
ssl_certificate /etc/nginx/ssl/none.cer;
ssl_certificate_key /etc/nginx/ssl/none.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
# ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log off;
}