飞扬的Blog
主页
登录
Nginx部署asp.net core
"date"
:
"2023-08-24 07:11:47"
"classfiy"
:
"asp.net core"
"author"
:
"飞扬"
"viewTimes"
:
1598
返回
## 命令 ``` 全选文本: ggvG 复制文本: ggyG 清空文本: ggdG 测试配置: sudo nginx -t 重启nginx: sudo systemctl restart nginx ``` 1. 安装Nginx https://www.nginx.com/resources/wiki/start/topics/tutorials/install/#official-debian-ubuntu-packages 2. 安装.NET https://learn.microsoft.com/zh-cn/dotnet/core/install/linux-ubuntu 3. 微软教程 https://learn.microsoft.com/zh-cn/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-7.0&tabs=linux-ubuntu >注意:修改任何文件的时候记得备份 ## 总结一下 >总体来说关键配置就是:/etc/nginx/nginx.conf 这个文件,附上配置成功的代码: ```bash user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { # 这里是微软教程里的 include /etc/nginx/proxy.conf; limit_req_zone $binary_remote_addr zone=one:10m rate=5r/s; server_tokens off; sendfile on; # Adjust keepalive_timeout to the lowest possible value that makes sense # for your use case. keepalive_timeout 29; client_body_timeout 10; client_header_timeout 10; send_timeout 10; add_header X-Frame-Options "SAMEORIGIN"; upstream myapp { server 127.0.0.1:5000; } # 这里是https的配置 server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name yourweb.com www.www.yourweb.com; ssl_certificate /etc/ssl/yourweb.com.crt; ssl_certificate_key /etc/ssl/yourweb.com.key; ssl_session_timeout 1d; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; ssl_session_cache shared:SSL:10m; ssl_session_tickets off; ssl_stapling off; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; # 这里重写https不带www if ( $host = 'yourweb.com' ) { rewrite ^(.*)$ https://www.yourweb.com$1 permanent; } #Redirects all traffic location / { proxy_pass http://myapp; # limit_req zone=one burst=10 nodelay; } } # 这里监听http://yourweb.com并重写到https://www server { listen 80; server_name yourweb.com; location / { rewrite ^(.*)$ https://www.yourweb.com$1 permanent; } } # 这里监听http://www.yourweb.com并重写到https://www server { listen 80; server_name www.yourweb.com; location / { rewrite ^(.*)$ https://www.yourweb.com$1 permanent; } } } ``` ## 项目配置HTTPS 在`appsettings.json`文件内添加: ``` "Kestrel": { "Endpoints": { "Http": { "Url": "http://localhost:5000", }, "HttpsInlineCertFile": { "Url": "https://localhost:5001", "Certificate": { "Path": "xxx.pfx", "Password": "xxx" } } } } ``` >到这已经可以了,下面的可以不看。下面是第一次实际操作时记录的。 ## 以下是微软教程补充说明 ### 做到 配置 Nginx 这一步的时候: >其实这一步如果不是为了测试可以不做,可以直接跳到`创建服务文件`的那节 ``` server { listen 80; # 如果你现在的项目是想测试asp.net core部署到nginx上,这里的值就给 server_name _; # 否则就是 server_name yousite.com *.yoursite.com; location / { proxy_pass http://127.0.0.1:5000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } ``` ## Step HTTPS 配置 >这里就是配置项目的HTTPS的方向代理 在修改`/etc/nginx/nginx.conf`之前先运行下面的指定备份一下: ``` cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak ``` #### 这里需要注意:未修改过的此文件是这样的: ``` user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { .... } ``` >微软只给了 `http` 的配置,这里`只替换原有文件的 http 节就行`否则运行`sudo nginx -t`测试的时候会提示缺少events的错误。 到这里就没有什么注意的地方了。
