Powerful! Nginx configuration on-line one-click generation of "artifacts"

Keywords: Linux Nginx SSL Apache less

Nginx, as a lightweight HTTP server, has obvious advantages over Apache. It occupies less resources in performance and can support more concurrent connections to improve access efficiency. It is a very excellent proxy server and load balancing server in function. It is easy to install and configure in installation.

Many articles on Nginx deployment and configuration have been published.

In-depth summary
Introduction to HTTP Server Nginx Service Continuation
Detailed Explanation of Nginx Optimal Configuration
Smooth upgrade and rollback of Nginx version in 1 minute
Ultimate guide: 12 tips for improving the hardness of Nginx servers
Performance tuning of Nginx+Linux in high traffic and high load scenarios
Using ELK to analyze Nginx log production (HD multi-map)

There are many articles, so we will not list them one by one. Interested and needed articles can be searched by public number through search function.

For detailed explanations of some of Nginx's configurations, I've written relevant articles before:

Detailed Explanation of Nginx Optimal Configuration

However, in the actual production configuration environment, we will often encounter the need to modify or re-add the Nginx configuration. Sometimes, the demand is more diverse. There are always some mistakes and special troubles in the modification.

For the above reasons, it is certain that many readers will often collect some configuration documents, or the computer also keeps some of their daily configuration cases, but ultimately it is not very convenient. Today, Migrant Worker Brother introduced to you a "super bull breaking artifact", which can generate the configuration of Nginx online with one button.


Website: https://nginxconfig.io/

NGINX Config supports various configuration options such as HTTP, HTTPS, PHP, Python, Node.js, WordPress, Drupal, caching, reverse proxy, logging, etc. Generate Web server Nginx configuration file online.

Operational configuration is also very simple, you need to do only two steps:

  • Open the official website
  • Configuration of relevant parameters according to requirements

The system automatically generates specific configuration files. Although the interface is in English, the functional pages are very intuitive, and the generated Nginx format specification.

After landing, the interface is as follows:

Case presentation

Configuration domain name: mingongge.com enables users to access *.mingongge.com domain name automatically jump to mingongge.com configuration, and open http mandatory jump to https configuration.

At this time, the configuration of Nginx will be generated automatically in real time in the following, I copy the generated configuration, as follows:

/etc/nginx/sites-available/mingongge.com.conf
#The file names are all configured for you according to the rules.

server {
listen 443 ssl http2;

server_name mingongge.com;

# SSL
ssl_certificate /etc/letsencrypt/live/mingongge.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mingongge.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mingongge.com/chain.pem;

# security
include nginxconfig.io/security.conf;

# additional config
include nginxconfig.io/general.conf;
}

# subdomains redirect
server {
listen 443 ssl http2;

server_name *.mingongge.com;

# SSL
ssl_certificate /etc/letsencrypt/live/mingongge.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mingongge.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/mingongge.com/chain.pem;

return 301 https://mingongge.com$request_uri;
}

# HTTP redirect
server {
listen 80;

server_name .mingongge.com;

include nginxconfig.io/letsencrypt.conf;

location / {
return 301 https://mingongge.com$request_uri;
}
}

Very convenient and fast.

Officials also provide some basic configuration optimizations for Nginx, as follows:

/etc/nginx/nginx.conf
# Generated by nginxconfig.io

user www-data;
pid /run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;

events {
multi_accept on;
worker_connections 65535;
}

http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
log_not_found off;
types_hash_max_size 2048;
client_max_body_size 16M;

# MIME
include mime.types;
default_type application/octet-stream;

# logging
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;

# load configs
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

There are also security-based configurations, as follows:

/etc/nginx/nginxconfig.io/security.conf
# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;

# . files
location ~ /\.(?!well-known) {
deny all;
}

They are equivalent to providing some basic template configuration, which can be modified according to their actual needs.

With this artifact in hand, you no longer have to worry about configuring various configurations of Nginx!! Migrant worker brother dare not hide such a good artifact in his hands, today to share with you, feel helpful readers friends remember to forward share, oh, thank you for your support!!!

Posted by EternalSorrow on Thu, 10 Oct 2019 02:16:19 -0700