Nginx快速入门

14 December 2025   1094 words   ~3 mins
#Host #Linux

安装

导入源(Debian/Ubuntu)

# 安装必要的证书包
sudo apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring
# 导入 NGINX 官方签名密钥
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
# 添加官方稳定版仓库
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" | sudo tee /etc/apt/sources.list.d/nginx.list
# 设置官方源的优先级高于 Ubuntu 源
echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n" | sudo tee /etc/apt/preferences.d/99nginx

安装 Nginx 软件包

sudo apt update                        
sudo apt install nginx

启动与配置

sudo systemctl start nginx #启动 Nginx

基本命令

nginx -s stop #强行关闭 
nginx -s quit #优雅关闭
nginx -s reload #重载配置
nginx -t #检查语法问题

检查语法错误与查看配置所在位置

sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

查看配置

user  nginx; #用户
worker_processes  auto;

error_log  /var/log/nginx/error.log notice; #日志地址
pid        /run/nginx.pid; 


events {
    worker_connections  1024; #最大链接线程数
}


http {
    include       /etc/nginx/mime.types; 
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;  #具体配置位置
}

server {
    listen       80;
    server_name  localhost;

    #access_log  /var/log/nginx/host.access.log  main;

#    location /index {
#        root   /usr/share/nginx/html;
#        index  index.html index.htm;
#    }
	location / { 
	root html; # 网站根目录 
	index index.html index.htm; # 默认首页文件 
	}
    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #


    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #


    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}
    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #


    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #


    #location ~ /\.ht {
    #    deny  all;
    #}
}

快速配置

目标 访问 test: 8005 跳转到本地 index.html

  1. 修改上面配置为
 listen 8005;
 server_name test;

location / { 
	root /var/www/test;
	 index index.html;
}
  1. 创建目录
sudo mkdir -p /var/www/test/
sudo touch /var/www/test/index.html 
sudo tree /var/www/test/
/var/www/test/
└── index.html
  1. 重载配置
> sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
> sudo nginx -s reload
  1. 测试链接
> curl -v http://test:8005/
* Could not resolve host: test
* Closing connection
curl: (6) Could not resolve host: test

会发现无法访问 原因有二:

  • 当访问 test 时无法解析到对应 ip
  • 选择的位置缺少权限 解决方案:
  1. 在 hosts 里添加 127.0.0.1 test
  2. 赋予 Nginx 执行权限 或者 转到 /var/www/ 目录下

反代短链接不跳转:上游依赖 Host 头

背景

  • Nginx 对外监听:www.shortlink.com

  • 反向代理到上游短链服务:nurl.ink

    server {
  listen 80;
  server_name www.shortlink.com;

  location / {
    proxy_pass https://nurl.ink;
  }
}

现象

关键判断

  • 后端识别短码通常看的是“请求里的 Host 头 + path”

  • 通过反代访问时,转发给上游的请求里,Host 往往还是 www.shortlink.com 上游按 Host 做站点路由/短链域名匹配时,就可能“不认这个域名”,所以不跳转。

    注意:Host 是请求头(request header),不是“返回的 Host 头”。响应里一般没有 Host。

根因

  • Nginx 转发到上游时,没有把 Host 改成上游想要的 nurl.ink(或没按上游规则传递)
  • 如果上游是 HTTPS,还可能需要 SNI:没开 proxy_ssl_server_name 会导致 TLS 层选错站点/证书,行为异常。

修复方案

让上游收到正确的 Host(两种写法选一种):

location / {
  proxy_pass https://nurl.ink;

  # 方案 A:写死上游域名
  proxy_set_header Host nurl.ink;

  # 方案 B:用变量(
  # proxy_set_header Host $proxy_host;

  # 保留原始信息
  proxy_set_header X-Forwarded-Host $host;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

  
  proxy_ssl_server_name on;
}

验证方法

  1. 直连上游看是否会跳转:
curl -I https://nurl.ink/xxxx
  1. 走反代看是否和直连一致:
curl -I http://www.shortlink.com/xxxx
  1. 如果要确认“Host 造成的差异”,用 curl 人工指定 Host 做对比:
curl -I -H 'Host: nurl.ink' http://127.0.0.1/xxxx
curl -I -H 'Host: www.shortlink.com' http://127.0.0.1/xxxx

Reference

title: "Beginner’s Guide"
image: "https://nginx.org/img/nginx_logo.svg"
description: ""
url: "https://nginx.org/en/docs/beginners_guide.html"
favicon: ""
aspectRatio: "28.666666666666668"
← prev next →