Nginx - installing and configuring

Install

sudo apt-get install nginx

Config place

/etc/nginx/nginx.conf

/etc/nginx/sites-enabled/

Reverse-proxy with SSL and Compression

/etc/nginx/{your_config}

server {
    listen        80;
    server_name   your_domain *.your_domain;
    location / {
        proxy_pass         http://localhost:5200;
        proxy_http_version 1.1;
        proxy_set_header   Upgrade $http_upgrade;
        proxy_set_header   Connection keep-alive;
        proxy_set_header   Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
    }
}

 server {
    listen 443;
    server_name your_domain ;

    ssl_certificate           /etc/letsencrypt/live/{your_domain}/fullchain.pem;
    ssl_trusted_certificate   /etc/letsencrypt/live/{your_domain}/fullchain.pem;
    ssl_certificate_key       /etc/letsencrypt/live/{your_domain}/privkey.pem;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    gzip  on;
    gzip_http_version 1.1;
    gzip_vary on;
    gzip_comp_level 6;
    gzip_proxied any;
    gzip_types text/plain text/html text/css application/json application/javascript application/x-javascript text/javascript text/xml application/xml application/rss+xml application/atom+xml application/rdf+xml;
    gzip_buffers 16 8k;
    gzip_disable “MSIE [1-6].(?!.*SV1)”;

    access_log  /var/log/nginx/{appname}.access.log;

location / {
    proxy_pass         http://localhost:5200;
    proxy_http_version 1.1;
    proxy_set_header   Upgrade $http_upgrade;
    proxy_set_header   Connection keep-alive;
    proxy_set_header   Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
    }
}

Virtual Hosts

server {
        listen   80;
        root /var/www/mysite;
        index index.html index.htm;
        server_name mysite.ru www.mysite.ru;
}

Server compression

server {
...
    gzip  on;
    gzip_http_version 1.1;
    gzip_vary on;
    gzip_comp_level 6;
    gzip_proxied any;
    gzip_types text/plain text/html text/css application/json application/javascript application/x-javascript text/javascript text/xml application/xml application/rss+xml application/atom+xml application/rdf+xml;
    gzip_buffers 16 8k;
    gzip_disable “MSIE [1-6].(?!.*SV1)”;
...
}

Redirect to HTTPS

server {
    listen 80;
    server_name {your_domain};
    return 301 https://{your_domain}$request_uri;
}

See also

Lighttpd installing and configuring

Publish Asp.Net Core App to Linux

Letsencrypt cert update

Nginx virtual hosts

Nginx redirect to HTTPS

Создано: 25/01/2022 14:49, Изменено: 08/02/2022 07:44, Просмотров: 36
Назад