1. 安装nginx, apt install nginx
apt install nginx
2. 创建nginx.conf配置文件:
gedit /etc/nginx/nginx.conf
3. 配置文件内容如下:
user snake;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;events {worker_connections 1024;
}http {log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log /var/log/nginx/access.log main;sendfile on;tcp_nopush on;tcp_nodelay on;keepalive_timeout 65;types_hash_max_size 4096;include /etc/nginx/mime.types;default_type application/octet-stream;# Load modular configuration files from the /etc/nginx/conf.d directory.include /etc/nginx/conf.d/*.conf;# HTTP Server (Port 80) - 强制重定向到 HTTPSserver {listen 80;listen [::]:80;server_name _;# 强制重定向到 HTTPSreturn 301 https://$host$request_uri;}# TLS enabled server (Port 443)# HTTPS serverserver {listen 443 ssl;server_name 192.168.0.14 192.168.89.55 localhost;ssl_certificate /etc/nginx/ssl/server.crt;ssl_certificate_key /etc/nginx/ssl/server.key; ssl_session_cache shared:SSL:1m;ssl_session_timeout 5m;ssl_ciphers HIGH:!aNULL:!MD5;ssl_prefer_server_ciphers on;location / {
# root html;root /media/snake/Rocky/Projects/github/vtk/Kitware/vtk-wasm-demos/main/ubuntu;index index.html;}}}
4. 关闭 linux 的防火墙(仅用于本地测试, 生产环境不可这样搞)
systemctl stop ufwsystemctl stop firewalld
5. 开启nginx服务:
systemctl start nginx
6. 如果修改了nginx.conf配置文件,则需要重启nginx服务:
systemctl restart nginxsystemctl reload nginx
7. 验证是否已经开启成功:
systemctl status nginx
如果显示
● nginx.service - A high performance web server and a reverse proxy serverLoaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: enabled)Active: active (running) since Fri 2024-12-20 17:40:57 CST; 30min agoDocs: man:nginx(8)Process: 129619 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)Process: 129621 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)Process: 129663 ExecReload=/usr/sbin/nginx -g daemon on; master_process on; -s reload (code=exited, status=0/SUCCESS)Main PID: 129622 (nginx)Tasks: 25 (limit: 74010)Memory: 29.2M (peak: 50.1M)CPU: 467msCGroup: /system.slice/nginx.service├─129622 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"├─129665 "nginx: worker process"├─129666 "nginx: worker process"├─129667 "nginx: worker process"├─129668 "nginx: worker process"
则表示nginx服务已经成功运行。
8. 本机访问:
https://127.0.0.1/
或:
https://localhost/
或:
https://192.168.89.55/
, 同网段局域网机器访问:
https://192.168.89.55/
9. 如果nginx没有成功开启, 则验证一下配置文件:
nginx -t
根据报错信息,修改 /etc/nginx/nginx.conf配置文件, 直到验证通过, 显示:
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
稍后补充证书和自签名问题。
参考资料:
Nginx安装和配置_apt install nginx-CSDN博客
nginx配置https(内网)-CSDN博客
局域网https自签名教程_rehash: warning: skipping ca-certificates.crt,it d-CSDN博客
Nginx内网环境开启https双协议-CSDN博客
nginx配置局域网访问https - 简书
全网最详细的局域网https自签名教程(收藏)
出于某个需求,要生成 127.0.0.1 的自签名证书。
防火墙管理入门:Firewalld 与 UFW_ufw和firewalld-CSDN博客
linux 的防火墙 ufw、firwalld、iptables 、 - 沧海一声笑rush - 博客园
服务器防火墙工具firewalld、ufw的使用_ufw permanent-CSDN博客
Ubuntu 9.10 UFW防火墙使用教程
如何修复UFW状态在Linux中显示为非活动-电脑知识-PHP中文网
os:ubuntu 使用防火墙firewalld - lnlidawei - 博客园
本地测试使用自签名证书以开启网站https(例子说明:Nginx_访问自签名证书服务器-CSDN博客
mkcert - 0 配置,为 localhost 127.0.0.1 自签发安全证书 - 小众软件
如何修复“无法连接到https://127.0.0.1 SSL证书问题:自签名证书”-腾讯云开发者社区-腾讯云
自签名证书仅适用于localhost,不适用于127.0.0.1-腾讯云开发者社区-腾讯云
ubuntu利用nginx配置https服务器_百度知道
本地 https 环境解决方案 - 哔哩哔哩
本地https快速解决方案——mkcert - DTeam 技术日志
https://github.com/FiloSottile/mkcert
本地https快速解决方案——mkcert - 简书
本地 https 环境解决方案
同一局域网下windows和linux之间通过SSH互传文件
ubuntu关闭防火墙后无法访问端口?-纵横云
Ubuntu8080端口无法被访问_ubuntu开放8080端口-CSDN博客