Nginx虚拟主机 #
一、虚拟主机概述 #
1.1 什么是虚拟主机 #
虚拟主机(Virtual Host)是在一台物理服务器上托管多个网站的技术。Nginx通过server块实现虚拟主机功能,每个server块可以配置不同的域名、端口或IP。
1.2 虚拟主机的类型 #
| 类型 | 区分方式 | 适用场景 |
|---|---|---|
| 基于域名 | 不同域名指向不同站点 | 最常用 |
| 基于端口 | 不同端口指向不同站点 | 内部服务 |
| 基于IP | 不同IP指向不同站点 | 多IP服务器 |
二、基于域名的虚拟主机 #
2.1 基本配置 #
nginx
server {
listen 80;
server_name www.example.com;
root /var/www/www.example.com;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 80;
server_name blog.example.com;
root /var/www/blog.example.com;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
server {
listen 80;
server_name api.example.com;
location / {
proxy_pass http://127.0.0.1:8080;
}
}
2.2 server_name匹配规则 #
精确匹配:
nginx
server_name example.com;
server_name www.example.com;
多域名匹配:
nginx
server_name example.com www.example.com;
通配符匹配:
nginx
server_name *.example.com;
server_name example.*;
server_name *.example.*;
正则表达式匹配:
nginx
server_name ~^(?<subdomain>.+)\.example\.com$;
server_name ~^www\d+\.example\.com$;
2.3 匹配优先级 #
text
1. 精确匹配:example.com
2. 前缀通配符:*.example.com
3. 后缀通配符:example.*
4. 正则表达式:~^(.+)\.example\.com$
5. 默认服务器(default_server)
2.4 正则表达式捕获 #
nginx
server {
listen 80;
server_name ~^(?<subdomain>.+)\.example\.com$;
root /var/www/$subdomain;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
三、基于端口的虚拟主机 #
3.1 不同端口配置 #
nginx
server {
listen 80;
server_name localhost;
root /var/www/main;
index index.html;
}
server {
listen 8080;
server_name localhost;
root /var/www/admin;
index index.html;
}
server {
listen 3000;
server_name localhost;
location / {
proxy_pass http://127.0.0.1:3001;
}
}
3.2 端口与域名组合 #
nginx
server {
listen 80;
server_name example.com;
root /var/www/public;
}
server {
listen 8080;
server_name example.com;
root /var/www/admin;
}
server {
listen 80;
server_name admin.example.com;
root /var/www/admin;
}
四、基于IP的虚拟主机 #
4.1 不同IP配置 #
nginx
server {
listen 192.168.1.10:80;
server_name example.com;
root /var/www/site1;
}
server {
listen 192.168.1.11:80;
server_name example.com;
root /var/www/site2;
}
4.2 IP与域名组合 #
nginx
server {
listen 192.168.1.10:80;
server_name site1.example.com;
root /var/www/site1;
}
server {
listen 192.168.1.11:80;
server_name site2.example.com;
root /var/www/site2;
}
五、默认服务器 #
5.1 设置默认服务器 #
nginx
server {
listen 80 default_server;
server_name _;
return 444;
}
server {
listen 80;
server_name example.com;
root /var/www/example;
}
5.2 默认服务器用途 #
- 处理未匹配的请求
- 返回错误页面
- 重定向到主站点
nginx
server {
listen 80 default_server;
server_name _;
return 301 https://example.com$request_uri;
}
5.3 IPv6默认服务器 #
nginx
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 444;
}
六、配置文件组织 #
6.1 目录结构 #
text
/etc/nginx/
├── nginx.conf
├── conf.d/
│ ├── default.conf
│ ├── example.com.conf
│ └── blog.example.com.conf
├── sites-available/
│ ├── default
│ ├── example.com
│ └── blog.example.com
├── sites-enabled/
│ ├── default -> ../sites-available/default
│ ├── example.com -> ../sites-available/example.com
│ └── blog.example.com -> ../sites-available/blog.example.com
└── snippets/
├── ssl-params.conf
└── proxy-params.conf
6.2 主配置文件 #
nginx
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
6.3 站点配置文件 #
sites-available/example.com:
nginx
server {
listen 80;
server_name example.com www.example.com;
root /var/www/example.com;
index index.html index.htm;
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
location / {
try_files $uri $uri/ =404;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 30d;
add_header Cache-Control "public, immutable";
}
}
6.4 启用/禁用站点 #
bash
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
sudo rm /etc/nginx/sites-enabled/example.com
sudo nginx -t && sudo nginx -s reload
七、公共配置片段 #
7.1 创建片段文件 #
snippets/proxy-params.conf:
nginx
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
snippets/ssl-params.conf:
nginx
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_stapling on;
ssl_stapling_verify on;
snippets/wordpress.conf:
nginx
location / {
try_files $uri $uri/ /index.php?$args;
}
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
7.2 使用片段 #
nginx
server {
listen 80;
server_name example.com;
root /var/www/example.com;
include snippets/proxy-params.conf;
location / {
proxy_pass http://backend;
}
}
八、HTTPS虚拟主机 #
8.1 基本HTTPS配置 #
nginx
server {
listen 80;
server_name example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
include snippets/ssl-params.conf;
root /var/www/example.com;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
8.2 多域名HTTPS #
nginx
server {
listen 443 ssl http2;
server_name example.com www.example.com;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
root /var/www/example.com;
}
server {
listen 443 ssl http2;
server_name blog.example.com;
ssl_certificate /etc/nginx/ssl/blog.example.com.crt;
ssl_certificate_key /etc/nginx/ssl/blog.example.com.key;
root /var/www/blog.example.com;
}
8.3 通配符证书 #
nginx
server {
listen 443 ssl http2;
server_name example.com *.example.com;
ssl_certificate /etc/nginx/ssl/wildcard.example.com.crt;
ssl_certificate_key /etc/nginx/ssl/wildcard.example.com.key;
root /var/www/$host;
}
九、高级配置 #
9.1 动态根目录 #
nginx
server {
listen 80;
server_name ~^(?<subdomain>.+)\.example\.com$;
root /var/www/$subdomain;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
9.2 多域名共享配置 #
nginx
server {
listen 80;
server_name example.com www.example.com alias.example.com;
root /var/www/example.com;
index index.html;
if ($host != "example.com") {
return 301 https://example.com$request_uri;
}
location / {
try_files $uri $uri/ =404;
}
}
9.3 条件重定向 #
nginx
server {
listen 80;
server_name example.com www.example.com;
if ($host = "www.example.com") {
return 301 https://example.com$request_uri;
}
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name www.example.com;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
return 301 https://example.com$request_uri;
}
server {
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
root /var/www/example.com;
}
十、完整配置示例 #
10.1 多站点配置 #
nginx
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 444;
}
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
root /var/www/example.com;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2)$ {
expires 30d;
add_header Cache-Control "public, immutable";
}
location ~* \.(html|htm)$ {
expires 1h;
}
location ~ /\. {
deny all;
}
}
server {
listen 80;
listen [::]:80;
server_name blog.example.com;
access_log /var/log/nginx/blog.example.com.access.log;
error_log /var/log/nginx/blog.example.com.error.log;
root /var/www/blog.example.com;
index index.php index.html;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 30d;
}
}
server {
listen 80;
listen [::]:80;
server_name api.example.com;
access_log /var/log/nginx/api.example.com.access.log;
error_log /var/log/nginx/api.example.com.error.log;
location / {
proxy_pass http://127.0.0.1:8080;
include snippets/proxy-params.conf;
}
}
十一、总结 #
本章我们学习了:
- 虚拟主机类型:基于域名、端口、IP
- 域名匹配:精确匹配、通配符、正则表达式
- 默认服务器:处理未匹配请求
- 配置组织:目录结构和include使用
- 公共片段:复用配置代码
- HTTPS配置:SSL证书配置
- 高级技巧:动态根目录、条件重定向
掌握虚拟主机后,让我们进入下一章,学习SSL/HTTPS配置!
最后更新:2026-03-27