You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 7
Next »
Applicaion 서버 conf 설정
특정포트에서 ICE4를 실행하는 경우 conf파일을 생성하여 특정포트와 도메인을 80포트에 연결해야함
443(https)를 사용하기 위해서는 SSL 인증서 등록이 필요
Config File 생성
Backend: core.conf
BackOffice: admin.conf
FrontOffice: web.conf
vi /etc/nginx/conf.d/core.conf
api.conf
server {
listen 80 ;
server_name api.justten.io;
charset utf-8;
rewrite_log on;
client_max_body_size 50M;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 10s;
proxy_send_timeout 10s;
proxy_read_timeout 10s;
send_timeout 10s;
}
}
Http / Https 설정
브라우저 접근 시 Http / Https 중 설정하고자 하는 정책을 결정
80 port(Http) 만 사용하는 경우
jenkins.conf
server {
listen 80 ;
server_name api.justten.io;
charset utf-8;
rewrite_log on;
client_max_body_size 50M;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}
}
80(Http) & 443(https) 포트 동시 사용
attached listen 443; blow 80 port.
jenkins.conf
server {
listen 80;
listen 443;
server_name api.justten.io;
charset utf-8;
rewrite_log on;
client_max_body_size 50M;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}
}
https만 사용 → 80(http)포트 접속시 443(https)으로 redirect 설정
To redirect 443 port from 80, attach blow on nignx.conf:
jenkins.conf
server {
listen 80;
listen 443;
server_name api.justten.io;
charset utf-8;
rewrite_log on;
client_max_body_size 50M;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}
if ($http_x_forwarded_proto = "http") {
return 301 https://$server_name$request_uri;
}
}
Http2 적용
Attach http2 on config file(path: /home/ec2-user/nginx/conf.d/jenkins.conf/)
서버내 인증서가 있는경우: listem 443 ssl http2
AWS ACM 사용시: listen 443 http2
설정 여부 확인
https://tools.keycdn.com/http2-test
Reference
Install Http2 as a nginx latest version
https://ma.ttias.be/enable-http2-in-nginx/
HTTP/1.1 vs HTTP/2 비교
https://www.digitalocean.com/community/tutorials/http-1-1-vs-http-2-what-s-the-difference