分享Nginx服务器配置

2018-06-11 07:03:19

我如何分享两台服务器之间的通用配置。我的应用程序支持http和https（对于少数页面），我目前使用fastcgi_param保存数据库名称和密码等敏感信息。我如何分享两个服务器（80,443）的位置和fastcgi_param。


server {
    listen 80;
    server_name example.com;
}

server {
    listen 443 ssl;
    server_name example.com;
    root /home/forge/example.com/public;

    # FORGE SSL (DO NOT REMOVE!)
    ssl on;
    ssl_certificate /etc/nginx/ssl/example.com/304/server.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com/304/server.key;

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ .php$ {
        fastcgi_param ENV "production";
        fastcgi_param DB_HOST "127.0.0.1";
        fastcgi_param DB_PASSWORD "123456";
        fastcgi_param DB_USERNAME "user";
        fastcgi_param DB_NAME "example";
        fastcgi_split_path_info ^(.+.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /.ht {
        deny all;
    }
}

conf我想分享：

index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ .php$ {
        fastcgi_param ENV "production";
        fastcgi_param DB_HOST "127.0.0.1";
        fastcgi_param DB_PASSWORD "123456";
        fastcgi_param DB_USERNAME "user";
        fastcgi_param DB_NAME "example";
        fastcgi_split_path_info ^(.+.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /.ht {
        deny all;
    }

从0.7.14开始，您可以将HTTP和HTTPS服务器块合并为一个 - 更容易维护：

server {
    listen 80;
    listen 443 ssl;
    server_name example.com;
    ...
}

有关详细信息，请参阅http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server。

除了安德烈的答案，这应该可以帮助你很大。

NGINX也支持include语句。

例如，您可以创建一个公共目录（/ etc / nginx / common /），然后创建/etc/nginx/common/locations.conf 。您的locations.conf文件将包含类似的内容，

# NGINX CONFIGURATION FOR COMMON LOCATION
# Basic locations files
location = /favicon.ico {
  access_log off;
  log_not_found off;
  expires max;
}
# Cache static files
location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
  add_header "Access-Control-Allow-Origin" "*";
  access_log off;
  log_not_found off;
  expires max;
}
# Security settings for better privacy
# Deny hidden files
location ~ /.well-known {
  allow all;
}
location ~ /. {
  deny all;
  access_log off;
  log_not_found off;
}
# Deny backup extensions & log files
location ~* ^.+.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
  deny all;
  access_log off;
  log_not_found off;
}
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
if ($uri ~* "^.+(readme|license|example).(txt|html)$") {
  return 403;
}

然后，在您的站点配置文件之一中使用include common/locations.conf; 包括位置文件。例如，

server {
    listen 80;
    listen 443 ssl;
    server_name example.com;

    include common/locations.conf;

    ...
}

链接地址: http://www.djcxy.com/p/32425.html

上一篇: Share Nginx server configuration

下一篇: Access denied (403) for PHP files with Nginx + PHP