文章小程序全栈开发,从入门到上线,第8节——部署上线
wzj5cnaz -
1)上传证书文件到/usr/local/nginx/sslkey/目录下,没有可以自己新建目录。
2)新建nginx.conf,其配置如下:
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 9;
gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php application/javascript application/json;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
server {
listen 80;
server_name zomem.com;
rewrite ^(.*) https://$server_name$1 permanent;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
server {
listen 443 ssl http2;
server_name zomem.com;
ssl_certificate /usr/local/nginx/sslkey/zomem.com.pem;
ssl_certificate_key /usr/local/nginx/sslkey/zomem.com.key;
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4';
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000";
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
location / {
proxy_pass http://127.0.0.1:3080;
}
location /api/bidu/ {
proxy_pass http://127.0.0.1:3000/;
}
}
server {
listen 80;
server_name file.zomem.com;
rewrite ^(.*) https://$server_name$1 permanent;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
server {
listen 443 ssl http2;
server_name file.zomem.com;
ssl_certificate /usr/local/nginx/sslkey/file.zomem.com.pem;
ssl_certificate_key /usr/local/nginx/sslkey/file.zomem.com.key;
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4';
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000";
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
location /bidu {
proxy_pass http://127.0.0.1:6000/;
}
}
}
其中,
ssl_certificate /usr/local/nginx/sslkey/zomem.com.pem;
ssl_certificate_key /usr/local/nginx/sslkey/zomem.com.key;是加载ssl证书文件的,路径就是之前上传的地方。
location /api/bidu/ {
proxy_pass http://127.0.0.1:3000/;
}是api的地址,服务器对应端口3000,请求地址为:https://zomem.com/api/bidu。
location /bidu {
proxy_pass http://127.0.0.1:6000/;
}是文件的地址,对应服务器端口6000,文件地址为:https://file.zomem.com/bidu。
编辑保存后,覆盖服务配置文件:/usr/local/nginx/conf/nginx.conf,然后重启nginx。
修改server/.env里面的STATIC_URL=https://file.zomem.com/bidu,以及对应的数据库账号密码等配置,然后将后台项目server里的内容,上传到服务器/root/bidu/server里面,再npm install。
启动服务器后台运行:
cd ~/bidu/server
pm2 start ./bin/www --name biduApi启动图片服务器:
pm2 serve static 6000 --name biduImg --spa
# 在文件目录static下,启动一个6000端口的服务这样,cdn的地址https://file.zomem.com/bidu,就会通过nginx转发到本地6000端口的地址了,即static目录。
验证cdn是否成功:直接输入图片地址到浏览器,如https://file.zomem.com/bidu/articles/1.jpg,查看network,如果图片的ip不是服务器ip,说明是用的cdn的ip。如果显示HIT,则是cdn成功了,如果MISS则是失败。
这个时候,在小程序的app.js配置里,换一下对应的接口和图片地址,就可以使用了,之后就是上传审核,然后上线。没想像的那么难吧~哈哈~
/* 更换线上地址 */
/*
config: {
api: 'http://localhost:3000',
file: 'http://localhost:3000',
}
*/
config: {
api: 'https://zomem.com/api/bidu',
file: 'https://file.zomem.com/bidu',
}如果你在阿里云的后台,开启了80,443端口,还是不能访问,很大可能是centos的系统防火墙没开启这两个端口,可能进行如下操作排查:
查看防火墙状态firewall-cmd --statesystemctl stop firewalld.service
//临时关闭防火墙,重启后会重新自动打开
systemctl restart firewalld
//检查防火墙状态
firewall-cmd --state
firewall-cmd --list-all
//Disable firewall
systemctl disable firewalld
systemctl stop firewalld
systemctl status firewalld
//Enable firewall
systemctl enable firewalld
systemctl start firewalld
systemctl status firewalldsystemctl disable firewalld.servicefirewall-cmd --zone=public --add-port=80/tcp --permanent
命令含义:
--zone #作用域
--add-port=80/tcp #添加端口,格式为:端口/通讯协议
--permanent #永久生效,没有此参数重启后失效firewall-cmd --permanent --zone=public --remove-port=80/tcpfirewall-cmd --reloadfirewall-cmd --list-alldemo地址
特别申明:本文内容来源网络,版权归原作者所有,如有侵权请立即与我们联系(cy198701067573@163.com),我们将及时处理。
下一篇: 前端代码集合(持续更新)
Tags 标签
javascriptnode.js后端扩展阅读
CSGO电竞API数据接口【West S2战队数据】分享使用演示
2020-09-03 07:18:05 []小小的分页引发的加班血案
2020-09-03 12:02:35 []你也许还不懂静态方法和实例方法
2020-09-03 11:39:33 []从每秒6000写请求谈起
2020-09-11 11:06:20 []从用户输入手机验证码开始
2020-09-13 20:16:19 []分享——接口测试apipost使用教程
2020-09-14 07:28:09 []PHP-XML数据交互问题
2020-09-15 03:15:31 []laravel的Redis队列监听中断
2020-09-16 06:56:03 []vs code的使用与常用插件和技巧大全总结
2020-09-17 03:07:47 []没有伞的孩子 [必须] 要学会奔跑
2020-09-17 04:49:49 []加个好友,技术交流
