Home > Article > Backend Development > Deep learning content about Nginx
This article mainly introduces the deep learning content of Nginx, which has certain reference value. Now I share it with everyone. Friends in need can refer to it
Separate dynamic requests and static requests through middleware.
Reason: Separate resources to reduce unnecessary request consumption and reduce request delay.
Dynamic and static request legend:
upstream php_api{ server 127.0.0.1:8080; } server { root filePath; location ~ \.php$ { proxy_pass http://php_api; index index.html index.htm; } location ~ \.(jpg|png|gif) { expires 1h; gzip on; } }2. Rewrite rules1. Scenario:
Example: rewrite ^(.*)$ /pages/main.html break;
command in Linux can be used to test regular expressions. | Metacharacters|Meaning|
? | |
d | |
* | |
^ | |
$ | |
{n} | |
{n,} | |
[c] | |
[a-z] | |
\ | |
( ) | |
$1 | ,$2
|
break | |||||||||||||||||||||||||||
redirect | |||||||||||||||||||||||||||
permanent | |||||||||||||||||||||||||||
实例: location / { # 文件不存在,直接访问4399 if (!-f $request_filename) { rewrite ^/(.*)$ http://www.4399.com; } }
三、Nginx的高级模块1. secure_link_module模块(1)制定并允许检查请求的链接的真实性以及保护资源免遭未经授权的访问 图例:
简单配置实例: root /opt/app/code; location / { secure_link $arg_md5,$arg_expires; secure_link_md5 "$secure_link_expires$uri 自定义字符串"; if ($secure_link = "") { return 403; } if ($secure_link = "0") { return 410; } } 生成url的脚本: #!/bin/bash servername="你的servername" download_file="/download/test.img" time_num=$(date -d "2018-10-18 00:00:00" +%s) secure_num="自定义字符串" res=$(echo -n "${time_num}${download_file} ${secure_num}"|openssl md5 -binary | open ssl base64 | tr +/ -_ | tr -d =) echo "http://${servername}${download_file}?md5=${res}&expires=${time_num}" 注意:1、生成脚本中自定义字符串和配置中的自定义字符串要保持一致。2、验证规则保持一致。3、如果没有openssl,可以yum安装。 2. geoip_module模块基于IP地址匹配MaxMine GeoIP二进制文件,读取IP所在地域信息。
配置示例 geoip_country /etc/nginx/geoip/GeoIP.dat; geoip_city /etc/nginx/geoip/GeoLiteCity.dat; server{ location /myip { default_type text/plain; return 200 "$remote_addr $geoip_country_name $geoip_country_code $geoip_city"; } } 四、基于Nginx的HTTPS服务1、为什么需要HTTPS
2、HTTPS协议的实现对传输内容进行加密以及身份验证
通信原理图: 3、证书签名生成准备步骤:
生成自签证书步骤:
生成证书签名请求文件(csr文件)
打包上面两个步骤生成的文件发送给签名机构即可完成证书签名
配置语法:
简单示例: server { listen 443; server_name locahost; ssl on; ssl_certificate /etc/nginx/ssl_key/ronaldo.crt; ssl_certificate_key /etc/nginx/ssl_key/ronaldo.key; index index.html index.htm; location / { root /opt/app/code; } } 配置完成后:
4、配置苹果要求的证书
#!/bin/bash cd /opt/download wget https://www.openssl.org/source/openssl-1.0.2k.tar.gz tar zxf openssl-1.0.2k.tar.gz cd openssl-1.0.2k ./config --prefix=/usr/local/openssl make && make install mv /usr/bin/openssl /usr/bin/openssl.OFF mv /usr/include/openssl /usr/include/openssl.OFF ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl ln -s /usr/local/openssl/include/openssl /usr/include/openssl echo "/usr/local/openssl/lib" >> /etc/ld.so.conf ldconfig -v openssl version -a
通过自签方式、符合苹果要求、通过key文件直接生成crt文件:
5、HTTPS服务优化
设置ssl session缓存
五、Nginx与Lua的开发Nginx+Lua优势: 1、Lua是一个简洁、轻量、可扩展的脚本语言
#!/usr/bin/lua print("Hello world")
变量
注意:
sum = 0 num = 1 while num <= 100 do sum = sum + num num = num + 1 end print("sum =", sum)
sum = 0 for i = 1,100 do sum = sum + i end
if age == 40 and sex == "Male" then print("大于40岁的男人") elseif age>60 and sex ~= "Female" then print("非女人而且大于60") else local age = io.read() print("Your age is"..age) end 2、Nginx + Lua环境
3、Nginx调用lua模块指令Nginx的可插拔模块化加载执行,共11个处理阶段
4、Nginx Lua API
5、灰度发布按照一定的关系区别,分不分的代码进行上线,使代码的发布能平滑过渡上线。
实现灰度发布示意图: 相关推荐: |
The above is the detailed content of Deep learning content about Nginx. For more information, please follow other related articles on the PHP Chinese website!