网站环境设置(1)
1) 免密登录服务区。
制作密钥。在本地生成私钥、公钥(比如 server_name.rsa server_name.rsa.pub)。
cd ~/.ssh
ssh-keygen -t rsa
把公钥 copy 到服务器。
ssh-copy-id -i server_name.rsa.pub userId@server_ip
可以打开 server 上的 userId_HOME/.ssh/authorized_keys 查看公钥是否添加成功。
修改本地~/.ssh/config 文件,添加以下内容。
Host Server_IP
HostName Server_Name
IdentityFile YOUR_PRIVATE_KEY_FILE_PATH
2)免密 sudo
visudo 加入类似这样的一句,注意应该放在组的设置之后。
USER_ID ALL=(ALL) NOPASSWD: ALL
3) nginx 虚拟主机设置。
nginx 虚拟主机可以通过 IP、域名、端口这三种方式进行设置。购买了一台阿里云主机,有多个域名,通过域名进行设置就好。
安装 nginx,设置不同域名的虚拟主机。
编辑 /etc/nginx/nginx.conf, 在 http 部分 include 对虚拟主机定义。
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/telbox;
include /etc/nginx/sites-enabled/linkedall;
linkedall 文件内容如下(静态 web):
server {
listen 80;
root /home/devop/linkedall/web;
index index.html index.htm;
server_name www.linkedall.netlinkedall.net *.linkedall.net;
location / {
try_files $uri $uri/ =404;
}
location ~* \.(html)$ {
access_log off;
add_header Cache-Control max-age=no-cache;
}
location ~* \.(css|js|png|jpg|jpeg|gif|gz|svg|mp4|ogg|ogv|webm|htc|xml|woff)$ {
access_log off;
add_header Cache-Control max-age=360000;
}
... ...
telbox 虚拟主机定义如下(作为 proxy 转向后端的运行在 8080 端口的服务):
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name www.telbox.cn;
location / {
proxy_pass http://localhost:8080;
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}