Linux 基本运维优化和 Nginx 缓存搭建

2023年 7月 12日 22.8k 0

Linux 基本运维优化

  • SSH 端口修改,关闭密码登陆,改私钥登陆
  • Iptables 防火墙配置优化
  • 最大监控文件个数
  • 最大文件打开数量
  • 安装其他软件

Nginx 优化配置

  • SSL 证书导入
  • 配置优化
  • 日志存放天数 logrotate.d

user nginx; worker_processes 2; worker_rlimit_nofile 60000; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid;

events { worker_connections 102400; }

http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main ‘$remote_addr – $remote_user [$time_local] “$request” $status $body_bytes_sent “$http_referer” “$http_user_agent” “$http_x_forwarded_for”‘; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 300s; include /etc/nginx/conf.d/*.conf; server_tokens off; server_names_hash_max_size 512; server_names_hash_bucket_size 128; client_header_buffer_size 32k; large_client_header_buffers 4 32k; gzip on; gzip_disable msie6; gzip_min_length 1k; gzip_comp_level 5; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_proxied any; gzip_vary on; gzip_types text/plain text/css text/xml text/javascript text/x-component application/json application/javascript application/xml application/xhtml+xml application/xml+rss application/rss+xml application/atom+xml application/x-font-ttf application/x-web-app-manifest+json font/opentype image/svg+xml image/x-icon; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 256k; client_max_body_size 10m; proxy_connect_timeout 10; proxy_read_timeout 180; proxy_send_timeout 30; proxy_buffer_size 32k; proxy_buffers 8 64k; proxy_busy_buffers_size 256k; proxy_temp_file_write_size 256k; proxy_temp_path /data/cache/temp; proxy_cache_path /data/cache/cache_files levels=1:2 keys_zone=cache_one:100m inactive=1d max_size=10g; }

Nginx 配置

location ~* \.(js|css|jpg|png|gif|txt)$ { proxy_pass https://www.baidu.com; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_redirect off; proxy_cache cache_one; proxy_cache_key $host$uri$is_args$args; proxy_cache_valid 200 302 301 1d; proxy_cache_valid any 1m; expires 6h; add_header X-Cache $upstream_cache_status; }

location ~* \.(shtml|html)$ { if ($http_user_agent ~* ‘(Android|webOS|iPhone|iPod|Mobile)’) { rewrite ^.+ https://m.baidu.com$uri permanent; }

proxy_pass https://www.baidu.com; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; }

location / { proxy_pass https://m.baidu.com; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_cache cache_one; proxy_cache_valid 200 302 301 1d; proxy_cache_valid any 1m; expires 6h; add_header X-Cache-Status $upstream_cache_status; }

location ~ \.php$ { proxy_pass https://m.baidu.com; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; }

相关文章

服务器端口转发,带你了解服务器端口转发
服务器开放端口,服务器开放端口的步骤
产品推荐:7月受欢迎AI容器镜像来了,有Qwen系列大模型镜像
如何使用 WinGet 下载 Microsoft Store 应用
百度搜索:蓝易云 – 熟悉ubuntu apt-get命令详解
百度搜索:蓝易云 – 域名解析成功但ping不通解决方案

发布评论