普通 http 80端口站点

sudo vi /etc/nginx/conf.d/test.11010.net.conf

server {
  listen        80;
  server_name   test.11010.net;
  root          /data/www/myblog;
  index         index.php index.html;

  charset utf-8;

  location / {
    try_files $uri $uri/ /index.php?$query_string;
  }

  location = /favicon.ico { access_log off; log_not_found off; }
  location = /robots.txt  { access_log off; log_not_found off; }

  access_log /data/logs/nginx/api.11010.net-access.log;
  error_log  /data/logs/nginx/api.11010.net-error.log error;

  location ~ \.php$ {
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi_params;
  }
}

https站点配置

sudo vi /etc/nginx/conf.d/blog.11010.net.conf

server {
  listen       443 ssl http2;
  server_name  blog.11010.net;
  root /data/www/myblog;
  index index.html index.php;

  # 证书文件
  ssl_certificate   /etc/nginx/ssl/11010.net/214252317230226.pem;
  ssl_certificate_key  /etc/nginx/ssl/11010.net/214252317230226.key;

  charset utf-8;

  location / {
    try_files $uri $uri/ /index.php?$query_string;
  }

  location = /favicon.ico { access_log off; log_not_found off; }
  location = /robots.txt  { access_log off; log_not_found off; }

  access_log /data/logs/nginx/blog.11010.net-access.log;
  error_log  /data/logs/nginx/blog.11010.net-error.log error;

  location ~ \.php$ {
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    include        fastcgi_params;
  }
}

# 80端口rewrite到443端口
server {
  listen        80;
  server_name   blog.11010.net;
  rewrite ^(.*)$ https://${server_name}$1 permanent;
}

nginx.conf配置

sudo vi /etc/nginx/nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    # 隐藏Nginx版本号
    server_tokens off;

    keepalive_timeout  65;

    # 开启gzip
    gzip on;
    # 启用gzip压缩的最小文件，小于设置值的文件将不会压缩
    gzip_min_length 1k;
    # gzip 压缩级别，1-10，数字越大压缩的越好，也越占用CPU时间
    gzip_comp_level 6;
    # 进行压缩的文件类型。javascript有多种形式。
    # 其中的值可以在 mime.types 文件中找到。
    gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
    # 是否在http header中添加Vary: Accept-Encoding，建议开启
    gzip_vary on;
    # 禁用IE 6 gzip
    gzip_disable "MSIE [1-6]\.";

    include /etc/nginx/conf.d/*.conf;
}