-
域名列表
序号 名称 域名 HTTPS主机 1 官方域名 www.tinywan.com https://www.tinywan.com/ 2 直播域名 live.tinywan.com https://live.tinywan.com/ 3 点播域名 vod.tinywan.com https://vod.tinywan.com/ 4 文档域名 doc.tinywan.com https://doc.tinywan.com/ -
Openresty 编译
www@TinywanAliYun:~/DEMO/openresty-1.11.2.5$ ./configure --prefix=/usr/local/openresty --with-luajit \ --with-http_ssl_module --with-openssl=/usr/local/openssl \ --with-openssl-opt="enable-tlsext" --without-http_redis2_module \ --with-http_iconv_module --with-http_stub_status_module \ --with-http_xslt_module --add-dynamic-module=/home/www/DEMO/nginx-ts-module \ --add-dynamic-module=/home/www/DEMO/nginx-rtmp-module ... make sudo make install
注意添加配置:
--with-openssl-opt="enable-tlsext"
,默认情况下是TLS SNI support disabled
-
Nginx.conf
配置文件:-
配置文件列表
www@TinywanAliYun:/usr/local/openresty/nginx/conf/vhost$ ls doc.tinywan.com.conf live_rtmp_hls.conf live.tinywan.com.conf main.conf vod.tinywan.com.conf www.tinywan.com.conf
-
nginx.conf
http { ... index index.php index.html index.htm; include "/usr/local/openresty/nginx/conf/vhost/*.conf"; }
-
main.conf
# 配置HTTP请求重定向 server { listen 80; server_name www.tinywan.com; #live.tinywan.com vod.tinywan.com; rewrite ^ https://$http_host$request_uri? permanent; }
-
www.tinywan.com.conf
server { #listen 80; listen 443 ssl; server_name www.tinywan.com; set $root_path /home/www/web/go-study-line/public; root $root_path; ssl on; ssl_certificate /etc/letsencrypt/live/www.tinywan.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.tinywan.com//privkey.pem; server_tokens off; location / { #access_by_lua_file /usr/local/openresty/nginx/conf/lua_script/resty-limit-req.lua; if (!-e $request_filename) { rewrite ^(.*)$ /index.php?s=/$1 last; break; } } location = /favicon.ico { log_not_found off; } location ~ \.php$ { #access_by_lua_file /usr/local/openresty/nginx/conf/lua_script/resty-limit-req.lua; fastcgi_pass unix:/var/run/php7.1.8-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_buffer_size 128k; fastcgi_buffers 4 256k; fastcgi_busy_buffers_size 256k; fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; } }
-
live.tinywan.com.conf
# live.tinywan.com server{ listen 443 ssl; server_name live.tinywan.com; root /home/www/web/live.tinywan.com; ssl on; ssl_certificate /etc/letsencrypt/live/www.tinywan.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.tinywan.com//privkey.pem; server_tokens off; }
-
vod.tinywan.com.conf
# vod.tinywan.com server{ listen 443 ssl; server_name vod.tinywan.com; root /home/www/web/vod.tinywan.com; ssl on; ssl_certificate /etc/letsencrypt/live/www.tinywan.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.tinywan.com//privkey.pem; server_tokens off; }
-
doc.tinywan.com.conf
# doc.tinywan.com server{ listen 443 ssl; server_name doc.tinywan.com; root /home/www/web/doc.tinywan.com; ssl on; ssl_certificate /etc/letsencrypt/live/www.tinywan.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.tinywan.com//privkey.pem; server_tokens off; }
-