安装nginx

sudo yum install nginx

确认ngnix配置位置

使用以下shell确认nginx启动脚本，例如/sbin/nginx

ps -aux | grep nginx

执行如下命令可以确定nginx的配置文件所在位置

/sbin/nginx -t

设置nginx的配置

配置http和https正式

server
    {
        listen 80;
        server_name example.com;
        return  301 https://$host$request_uri; # 强制https
    }

server
    {
        listen 443 ssl http2;
        server_name example.com;

        ssl_certificate /your_cert_directory/your.crt;
        ssl_certificate_key /your_cert_directory/your.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_session_cache builtin:1000 shared:SSL:10m;

        root  /your_app_root_directory;
        index index.html;
        access_log  /log_directory/access.log;
    }

# 代理
server
    {
        listen 80;
        server_name sub.example.com;
        return  301 https://$host$request_uri; # 强制https
    }

server
    {
        listen 443 ssl http2;
        server_name sub.example.com;

        ssl_certificate /your_cert_directory/your.crt;
        ssl_certificate_key /your_cert_directory/your.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_session_cache builtin:1000 shared:SSL:10m;

        location / {
          proxy_pass http://proxy.example.com; # http://proxy.example.com为代理host地址
          proxy_set_header Host $proxy_host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_buffer_size 64k; # 解决post body size问题
          proxy_buffers 4 32k; # 解决post body size问题
          proxy_busy_buffers_size 64k; # 解决post body size问题
        }
        access_log  /log_directory/access.log;
    }

启动nginx

service nginx restart

查看nginx运行状态

systemctl status nginx.service