sails.js + nginx + https加密 + 反向代理

本次操作全部是在Centos系统上，window系统可能会有些差别

环境安装指南，如安装可跳过这段

、yum install -y nodejs
、npm install -g cnpm --registry=https://registry.npm.taobao.org
、cnpm install -g sails
、yum -y install gcc automake autoconf libtool make
、yum install gcc gcc-c++
、yum install pcre pcre-devel
、yum install zlib zlib-devel
、yum install openssl openssl-devel
、wget http://nginx.org/download/nginx-1.12.1.tar.gz  
    //下载并解压Nginx
    gzip -d nginx-.tar.gz
    tar xvf nginx-.tar
    cd nginx-/ 
    //进入目录，执行configure
、./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module
、make&&make install
           

cd /usr/local/nginx/conf/

在conf文件夹下，分别创建cert和vhosts文件夹

cert存放SSL证书

vhosts存放反向代理配置文件

在vhosts文件夹下，创建配置文件 my.conf

server {
    listen ;
    server_name www.mysite.com;
    rewrite ^(.*) https://$server_name$1 permanent;
}
server {
        listen  ssl;
        server_name www.mysite.com;
        ssl_certificate   cert/pem;
        ssl_certificate_key  cert/key;
        ssl_session_timeout m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1 TLSv1;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_pass http://localhost:81;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            client_max_body_size m;
        }
}
           

修改配置文件 nginx.conf

http 标签下面添加，

include vhosts/*;//引用反向代理配置文件

nginx -c /usr/local/nginx/conf/nginx.conf 重启nginx
nginx -s reload   重启配置
           

重启nginx即可