Nginx Applicaion 서버 conf 설정

Owned by william (Unlicensed)
Last updated: Aug 06, 2021 by 조재호(Jerry)
2 min read

 

Applicaion 서버 conf 설정

특정포트에서 ICE4를 실행하는 경우 conf파일을 생성하여 특정포트와 도메인을 80포트에 연결해야함

443(https)를 사용하기 위해서는 SSL 인증서 등록이 필요

 

Config File 생성

  • Backend: core.conf

  • BackOffice: admin.conf

  • FrontOffice: web.conf

 

vi /etc/nginx/conf.d/core.conf

  • server_name: 도메인

  • proxy_pass: {Domain}:{Port}

    • 서버내 어플리케이션 실행하는 포트번호

 

server { listen 80 ; server_name api.justten.io; charset utf-8; rewrite_log on; client_max_body_size 50M; location / { proxy_pass http://127.0.0.1:8080; proxy_http_version 1.1; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto http; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 10s; proxy_send_timeout 10s; proxy_read_timeout 10s; send_timeout 10s; } }

 

 

 

Http / Https 설정

브라우저 접근 시 Http / Https 중 설정하고자 하는 정책을 결정

  • 80 port(Http) 통신만 사용

  • 80(Http) & 443(https)을 동시에 사용

  • [Recommend] https만 사용, 80(http)포트 접속시 443(https)으로 redirect 설정

    • https가 보안 및 http2 적용시 병렬처리 가능하여 성능 개선

 

80 port(Http) 만 사용하는 경우

server { listen 80 ; server_name api.justten.io; charset utf-8; rewrite_log on; client_max_body_size 50M; location / { proxy_pass http://127.0.0.1:8080; proxy_http_version 1.1; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto http; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 300; proxy_send_timeout 300; proxy_read_timeout 300; send_timeout 300; } }

 

 

 

80(Http) & 443(https) 포트 동시 사용

attached listen 443; blow 80 port.

server { listen 80; listen 443; server_name api.justten.io; charset utf-8; rewrite_log on; client_max_body_size 50M; location / { proxy_pass http://127.0.0.1:8080; proxy_http_version 1.1; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto http; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 300; proxy_send_timeout 300; proxy_read_timeout 300; send_timeout 300; } }

 

 

https만 사용 → 80(http)포트 접속시 443(https)으로 redirect 설정

To redirect 443 port from 80, attach blow on nignx.conf:

 

 

Http2 적용

Attach http2 on config file(path: /home/ec2-user/nginx/conf.d/jenkins.conf/)

서버내 인증서가 있는경우: listem 443 ssl http2

AWS ACM 사용시: listen 443 http2

 

설정 여부 확인

https://tools.keycdn.com/http2-test

 

 

Reference

Install Http2 as a nginx latest version

https://ma.ttias.be/enable-http2-in-nginx/

 

HTTP/1.1 vs HTTP/2 비교

https://www.digitalocean.com/community/tutorials/http-1-1-vs-http-2-what-s-the-difference