This is the 22nd day of my participation in the November Gwen Challenge. Check out the event details: The last Gwen Challenge 2021

Not long ago, a project was ready to go online after completion of development. As the main developer of the project, I was also responsible for the deployment.

The project is a front – and back-separated microservice architecture: Spring Cloud, Vue+ElementUI. In the test environment, each micro-service module is directly deployed by JAR package, and the front end is directly started by NPM Run Dev.

To deploy to a formal environment, the front end needs to start the project after build in Nginx and configure HTTPS. Since I have not configured Nginx before, so I stepped on a lot of holes, just write this blog as a note.

Introduction to the

Nginx is an open source, cross-platform high-performance Web server, it has the advantages of high performance, high stability, simple configuration, module structure, low resource consumption. It also supports reverse proxy, load balancing, and caching. It adopts multi-process + Epoll (IO multiplexing) model and has good support for Internet high concurrent connection services.

CentOS install Nginx

A. Installation depends on the environment

To install nginx, you need to install the dependencies of nginx: gcc-C ++, OpenSSL, pcre, zlib

1. Install the gcc-C ++ compiler and OpenSSL

yum install gcc-c++ 
yum install -y openssl openssl-devel
Copy the code

2. Install pcRE packages

yum install -y pcre pcre-devel
Copy the code

3. Install the Zlib package

yum install -y zlib zlib-devel
Copy the code

B. Nginx installation

With the dependent environment installed, we started installing nginx

1. Create an nginx folder in the /usr/local/ directory

cd /usr/local
mkdir nginx
Copy the code

2. Run the wget command to directly download the nginx installation package, or directly upload and download the compressed package

Wget HTTP: / / https://nginx.org/download/nginx-1.14.0.tar.gzCopy the code

3. Decompress the package and go to the decompressed directory

Tar -zxvf nginx-1.14.0.tar.gz CD nginx-1.14.0/Copy the code

4. Use the default nginx configuration

./configure
Copy the code

5. Compile and install

make
make install
Copy the code

If no error is reported, your /usr/local/nginx directory will have more than the red box below

Nginx has been successfully installed and can be started.

6. Go to the /usr/local/nginx/sbin directory and run the startup command

./nginx
Copy the code

7. Check whether the startup is successful

ps -ef | grep nginx
Copy the code

The following welcome page will appear when you visit your own IP address port 80.

C. Troubleshoot errors during installation

The following error may occur in step 5 of the installation process above

A wrong

SRC/OS/Unix /ngx_user.c:26:7: error: ‘struct crypt_data’ has no member named ‘current_salt’

This error is usually the server system version or nGINx version.

Solutions:

Enter in the nginx installation folder

vim src/os/unix/ngx_user.c
Copy the code

Comment out the code in the red box and save to exit and make again.

Error 2

Cast between incompatible function types from ‘size_t (*)(ngx_http_script_engine_t)’ {aka ‘long unsigned int ()(struct } to ‘void ()(ngx_http_script_engine_t)’ {aka ‘void ()(struct *)’} [-werror =cast-function-type]

Solutions:

Open vim objs/Makefile and delete -werrori (-werror, which requires GCC to treat all warnings as errors)

Configure nginx

The default configuration file is used to start nginx. If you want to use a real project, you will have to modify the default configuration of nginx.

A. Configure parsing

Use the following command to view the default configuration file for the nginx installed above:

Vim/usr/local/nginx/nginx - 1.14.0 / conf/nginx. ConfCopy the code

This is just a partial cut. Below I will list the meaning of the main configuration blocks in the nginx configuration file:

. # block events {# block events... } HTTP # HTTP block {... # HTTP global block server #server block {... Location [PATTERN] #location block {... } location [PATTERN] { ... } } server { ... }... # HTTP global block}Copy the code

Global block: configure directives that affect nginx globally. Generally, there are user groups running nginx server, nginx process PID storage path, log storage path, configuration file import, allowed number of worker processes, etc.

2. Events block: The configuration affects the nginx server or network connection to the user. The maximum number of connections per process, which event-driven model to choose to handle connection requests, whether to allow simultaneous acceptance of multiple network connections, enable serialization of multiple network connections, etc.

3, HTTP block: can nest multiple servers, configure proxy, cache, log definition and most functions and third-party module configuration. Such as file import, miME-type definition, log customization, whether to transfer files using SendFile, connection timeout, number of single connection requests, etc.

4, server block: configure the relevant parameters of the virtual host, an HTTP can have multiple servers.

5. Location block: Configure the routing of the request and the processing of various pages.

Our main configuration is the SERVER block under the HTTP block.

B. Configure actual combat

1. Deploy front-end resources after NPM build

Place the built dist folder in /usr/local/nginx/ HTML/(optionally optionally)

Then, modify the nginx.config configuration file:

location / { root /usr/local/nginx/html/dist; index index.html index.htm; try_files $uri $uri/ @router; # configure routing}Copy the code

After saving the changes, restart nginx:

cd /usr/local/nginx/sbin
./nginx -s reload
Copy the code

Now that the front end is deployed, let’s configure the deployment of the various microservices on the back end

2. The jar package deploys each microservice and configures nginx

First, assuming that the JAR package is also deployed on the same server with the Nginx service, we need to start each microservice first

Nohup Java -jar xxx.jar > xxx.log & tail -f xxx.logCopy the code

Then start modifying the nginx.config configuration file:

    location ^~ /erowplatform {
            proxy_pass https://localhost:8088/erowplatform;
    }

    location ^~ /gcgk {
            proxy_pass https://localhost:8088/gcgk;
    }

    location ^~ /auth {
            proxy_pass https://localhost:8088/auth;
    }


    location ^~ /code {
            proxy_pass https://locahost:8088/code;
    }

    location ^~ /ytb {
            proxy_pass https://localhost:8088/ytb;
    }

Copy the code

Next, let’s configure HTTPS.

3. Configure HTTPS

Assuming that you already have the certificate you need to configure HTTPS, how to obtain the certificate is not covered in this article.

For this project, the back end starts with a JAR package and we need to configure HTTPS in the code first:

Place your certificate under resources in the gateway module: xxx.pfx

Then modify the bootstrap.yml file:

server:
  port: 8080
  ssl:
    key-store: classpath:xxx.pfx
    key-store-password: 123456
    key-store-type: PKCS12
    enabled: true# open HTTPSCopy the code

At this point, HTTPS is used to access the back-end interface.

Next let’s configure nginx.conf,

First, put the two certificate files (xxx.pem and xxx.key) used by nginx in a certain path.

Modify the server block to point to the correct path of the certificate:

ssl on; # pem file path of the SSL certificate ssl_certificate/etc/nginx/conf. D / 3997458 __xxx. Cn. Pem; # key file path of the SSL certificate ssl_certificate_key/etc/nginx/conf. D / 3997458 __xxx. Cn. The key; ssl_session_timeout 5m; Ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:! aNULL:! MD5:! RC4:! DHE; ssl_prefer_server_ciphers on;Copy the code

Then save the changes and restart nginx.

The complete myconfig.conf is posted below

Server {# listen8080Port to listen8080; Server_name yyt.xxx.cn; ssl on; # pem file path of the SSL certificate ssl_certificate/etc/nginx/conf. D / 3997458 __xxx. Cn. Pem; # key file path of the SSL certificate ssl_certificate_key/etc/nginx/conf. D / 3997458 __xxx. Cn. The key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv11. TLSv12.; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:! aNULL:! MD5:! RC4:! DHE; ssl_prefer_server_ciphers on; client_max_body_size 500M; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location / { root /etc/nginx/html/dist; index index.html index.htm; try_files $uri $uri/@router; } location ^~ /erowplatform {proxy_pass://localhost:8088/erowplatform;
    }

    location ^~ /gcgk {
            proxy_pass https://localhost:8088/gcgk;
    }

    location ^~ /auth {
            proxy_pass https://localhost:8088/auth;
    }


    location ^~ /code {
            proxy_pass https://localhost:8088/code;
    }

    location ^~ /ytb {
            proxy_pass https://localhost:8088/yyt;} # route configuration information location@router{ rewrite ^.*$ /index.html last; }}Copy the code

Domain names are mapped to server addresses.

Why myconfig.conf?

This is because I put the configuration file in a separate file and just need the original nginx.conf to point to myconfig.conf.

        include /etc/nginx/conf.d/*.conf;
        #include /etc/nginx/sites-enabled/*;

Copy the code

Myconfig. conf is stored in /etc/nginx/conf.d/.

At this point, the configuration is complete, the article is not perfect, and it will be supplemented later.