当我查看我之前写的文章时、顿时惊奇发出感慨:啥时候写的?是我写的么?疑惑重重…
所以说,好记性不如烂笔头。
记录一次部署PC端网址全过程
部署PC端网址分是三步:
第一步:申请域名并映射到外网IP (通过域名识别到需要访问的电脑)
以阿里云为例:申请注册的域名如下、点击解析-映射到服务器外网IP (添加两条记录) 。
一个域名、配置两个子域名、分别为前端与后端。 比如:box.xxxx.cn cert.xxxx.cn
第二步:通过前端域名映射到前端服务 (通过前端域名返回所需要访问的界面)
配置https SSL证书最底下有链接
第三步:通过后端域名映射到后端服务 (通过后端域名返回所需要访问的数据)
完整NGINX配置文件
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
# xxx管理系统-前后端配置
# 前端-界面配置 box.xxxx.cn
server {
listen 443 ssl http2;
server_name box.xxxx.cn;
# SSL相关配置
ssl_certificate /home/sslcert/multiple-fullchain.pem;
ssl_certificate_key /home/sslcert/multiple-cert.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
# 前端域名映射
location / {
root /var/www/box-html;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
# cert.xxxx.cn ==> http://localhost:9000;
server {
listen 443 ssl http2;
server_name cert.xxxx.cn;
# SSL相关配置
ssl_certificate /home/sslcert/multiple-fullchain.pem;
ssl_certificate_key /home/sslcert/multiple-cert.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
location ^~ /
{
proxy_pass http://localhost:9000;
proxy_set_header Host localhost;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
}
}
}