nginx配置文件生产环境优化

主配置文件：

/etc/nginx/nginx.conf

 

# 全局配置优化
user nginx;
worker_processes auto;
worker_cpu_affinity auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;# 事件处理模型优化
events {worker_connections 10240;use epoll;multi_accept on;
}# HTTP核心配置优化
http {include /etc/nginx/mime.types;default_type application/octet-stream;# 日志配置log_format main '$remote_addr - $remote_user [$time_local] "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log /var/log/nginx/access.log main;# 性能优化sendfile on;tcp_nopush on;tcp_nodelay on;keepalive_timeout 65;keepalive_requests 100;# 压缩优化（删除重复的text/javascript）gzip on;gzip_vary on;gzip_proxied any;gzip_comp_level 5;gzip_buffers 16 8k;gzip_http_version 1.1;gzip_types  # 已移除重复的text/javascripttext/cssapplication/javascript  # 保留application/javascriptapplication/jsontext/xmlapplication/xmlapplication/xml+rssimage/svg+xml;  # Vue项目常用的SVG资源# 客户端请求限制client_max_body_size 10m;client_body_buffer_size 128k;# 引入子配置（server块）include /etc/nginx/conf.d/*.conf;
}

子配置文件：

/etc/nginx/conf.d/default.conf

 

# 虚拟主机配置
server {listen 80;server_name localhost;server_tokens off;# 安全头加固（确保所有响应携带）add_header X-Content-Type-Options "nosniff" always;add_header X-Frame-Options "SAMEORIGIN" always;add_header X-XSS-Protection "1; mode=block" always;# 根路径配置（入口文件 index.html）location / {root /usr/share/nginx/html;index index.html;try_files $uri $uri/ /index.html;# 入口文件不缓存，确保获取最新版本add_header Cache-Control "no-cache, no-store, must-revalidate" always;add_header Pragma "no-cache" always;}# 带哈希的静态资源（适配“文件名-哈希.扩展名”格式）# 哈希规则：Vite 生成的 base64 字符集（A-Za-z0-9-_）location ~* ^.+-[A-Za-z0-9-_]+\.(js|css|ico|svg|png|jpg|jpeg|gif)$ {root /usr/share/nginx/html;# 长期缓存（1年），标记资源不可变（哈希变化即失效）add_header Cache-Control "public, immutable, max-age=31536000" always;add_header ETag "" always;  # 禁用ETag，减少验证请求}# 不带哈希的静态资源（如未哈希的图片、ico等）location ~* \.(js|css|ico|svg|png|jpg|jpeg|gif)$ {root /usr/share/nginx/html;# 短缓存（1小时），平衡缓存与更新add_header Cache-Control "public, max-age=3600" always;}# 反向代理：backend服务location /backend/ {proxy_pass http://host:port/;proxy_set_header Host $http_host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;proxy_connect_timeout 30s;proxy_send_timeout 30s;proxy_read_timeout 60s;proxy_buffering on;proxy_buffer_size 16k;proxy_buffers 4 64k;proxy_busy_buffers_size 128k;proxy_http_version 1.1;proxy_set_header Upgrade $http_upgrade;proxy_set_header Connection "upgrade";}# 错误页配置error_page 404 /404.html;location = /404.html {root /usr/share/nginx/html;}error_page 500 502 503 504 /50x.html;location = /50x.html {root /usr/share/nginx/html;}
}