1. nginx

/1.24.0   /1.25.3   /1.25.4   /Configuration   /MailProxy   /make   /nginx.conf   /reverse_proxy   /static_files  

Contents

  1. nginx
    1. alert
    2. update
    3. Docs
    4. server_names
    5. https
    6. simple proxy server

/make /1.25.4

nginx news https://freenginx.org/

/MailProxy

/Configuration

/1.25.3 /1.24.0

HTTP/3

nginx 1.24.0 に更新できました。 http://nginx.org/en/CHANGES-1.24

TLSv1.3 protocol is enabled by default.

Feature: experimental HTTP/3 support.

1.1. alert

nginx 1.18のリモートコード実行(RCE) 0-dayの情報が公開されました。 https://twitter.com/futurevuls/status/1513206675938824196?s=20&t=f9R0uU44Ug12KjqBEW-4kw

このwikiは nginx 1.20 で動いています。

1.2. update

https://qiita.com/lustm5/items/aabd365aaeb873e7b17a Ubuntu22.04 nginx最新の安定版をインストールする

最終更新日 2022年08月11日

https://nginx.org/en/linux_packages.html#Ubuntu

/nginx.conf

DJB のpublic fileとmoinmoinを使っている。

どちらもSSL 証明書をサポートしていないので、 Reverse Proxy として Poundを使っていた。

Ubuntu server を使うことにしたのをきっかけにNginxを試してみた。

1.3. Docs

本家: https://nginx.org/en/docs/

Beginner’s Guide: https://nginx.org/en/docs/beginners_guide.html

Admin Guide: https://docs.nginx.com/nginx/admin-guide/

入門:

https://heartbeats.jp/hbblog/2012/02/nginx03.html

https://heartbeats.jp/hbblog/2012/06/nginx06.html

1.4. server_names

https://nginx.org/en/docs/http/server_names.html

1.5. https

https://docs.nginx.com/nginx/admin-guide/security-controls/terminating-ssl-http/#setting-up-an-https-server

証明書関連 

   server {
        listen 443 ssl;
        ssl on;
        ssl_certificate ssl/allcert.pem
        ssl_certificate_key ssl/private.pem;
        ...
    }

Admin から 

server {
    listen              443 ssl;
    server_name         www.example.com;
    ssl_certificate     www.example.com.crt;
    ssl_certificate_key www.example.com.key;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    #...
}

1.6. simple proxy server

We will configure a basic proxy server, which serves requests of images with files from the local directory and sends all other requests to a proxied server. In this example, both servers will be defined on a single nginx instance.

First, define the proxied server by adding one more server block to the nginx’s configuration file with the following contents: 

    server {
        listen 8080;
        root /data/up1;

        location / {
        }
    }

Next, use the server configuration from the previous section and modify it to make it a proxy server configuration. In the first location block, put the proxy_pass directive with the protocol, name and port of the proxied server specified in the parameter (in our case, it is http://localhost:8080): 

    server {
        location / {
            proxy_pass http://localhost:8080;
        }

        location /images/ {
            root /data;
        }
    }

MoinQ: nginx (last edited 2024-03-21 22:23:03 by ToshinoriMaeno)