set 指令是用于定义一个变量,并且赋值
应用环境:
server,location,if应用示例
例8: #http://alice.testpm.com ==> http://www.testpm.com/alice #http://jack.testpm.com ==> http://www.testpm.com/jack [root@nginx-server conf.d]# cd /usr/share/nginx/html/ [root@nginx-server html]# mkdir jack alice [root@nginx-server html]# echo "jack.." >> jack/index.html [root@nginx-server html]# echo "alice.." >> alice/index.html a. DNS实现泛解析 * IN A 网站IP 或者本地解析域名host文件 10.0.105.202 www.testpm.com 10.0.105.202 alice.testpm.com 10.0.105.202 jack.testpm.com 编辑配置文件: server { listen 80; server_name www.testpm.com; location / { root /usr/share/nginx/html; index index.html index.htm; if ( $host ~* ^www.testpm.com$) { break; } if ( $host ~* "^(.*)\.testpm\.com$" ) { set $user $1; rewrite .* http://www.testpm.com/$user permanent; } } location /jack { root /usr/share/nginx/html; index index.html index.hml; } location /alice { root /usr/share/nginx/html; index index.html index.hml; } }return 指令用于返回状态码给客户端
server,location,if应用示例:
例9:如果访问的.sh结尾的文件则返回403操作拒绝错误 server { listen 80; server_name www.testpm.cn; #access_log /var/log/nginx/http_access.log main; location / { root /usr/share/nginx/html; index index.html index.htm; } location ~* \.sh$ { return 403; } } 例10:80 ======> 443 :80转443端口 server { listen 80; server_name www.testpm.cn; access_log /var/log/nginx/http_access.log main; return 301 https://www.testpm.cn$request_uri; } server { listen 443 ssl; server_name www.testpm.cn; access_log /var/log/nginx/https_access.log main; #ssl on; ssl_certificate /etc/nginx/cert/2447549_www.testpm.cn.pem; ssl_certificate_key /etc/nginx/cert/2447549_www.testpm.cn.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; location / { root /usr/share/nginx/html; index index.html index.htm; } } [root@nginx-server ~]# curl -I http://www.testpm.cn HTTP/1.1 301 Moved Permanently Server: nginx/1.16.0 Date: Wed, 03 Jul 2019 13:52:30 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: https://www.testpm.cn/3、last,break详解
[root@localhost test]# cat /etc/nginx/conf.d/last_break.conf server { listen 80; server_name localhost; access_log /var/log/nginx/last.access.log main; location / { root /usr/share/nginx/html; index index.html index.htm; } location /break/ { root /usr/share/nginx/html; rewrite .* /test/break.html break; } location /last/ { root /usr/share/nginx/html; rewrite .* /test/last.html last; } location /test/ { root /usr/share/nginx/html; rewrite .* /test/test.html break; } } [root@localhost conf.d]# cd /usr/share/nginx/html/ [root@localhost html]# mkdir test [root@localhost html]# echo "last" > test/last.html [root@localhost html]# echo "break" > test/break.html [root@localhost html]# echo "test" > test/test.html http://10.0.105.196/break/break.html http://10.0.105.196/last/last.html注意:
last 标记在本条 rewrite 规则执行完后,会对其所在的 server { … } 标签重新发起请求;break 标记则在本条规则匹配完成后,停止匹配,不再做后续的匹配;使用 alias 指令时,必须使用 last;使用 proxy_pass 指令时,则必须使用break。4、Nginx 的 https ( rewrite ) server { listen 80; server_name *.vip9999.top vip9999.top; if ($host ~* "^www.vip9999.top$|^vip9999.top$" ) { return 301 https://www.vip9999.top$request_uri; } } # Settings for a TLS enabled server. server { listen 443 ssl; server_name www.vip9999.top; ssl_certificate cert/214025315060640.pem; ssl_certificate_key cert/214025315060640.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; #pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { root /usr/share/nginx/html; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }