DRY虚拟Web服务器配置 [英] DRY virtual web server configurations

问题描述

我正在将nginx 1.10.3用于几个虚拟Web服务器.它们中的大多数具有相同的配置，看起来很简单(将非www重定向到www并将http重定向到https)，但是对于每种配置，我仍然要获得超过100行代码.有办法干燥吗?例如不是每次都重复记录路径，而只是一次?

I'm using nginx 1.10.3 for a couple of virtual web servers. Most of them have the same configuration which seems to be simple (redirect non-www to www and redirect http to https) but still I end up with over 100 lines of code for each configuration. Is there a way to DRY this? e.g. not repeat the logging path every time but just one time?

这不是世界上最大的问题，但我想对此进行清理，不知道如何解决.

It is not the biggest problem in the world but I'd like to have this cleaned up and don't know how.

这是我用于每个虚拟服务器的配置:

Here is the config I use for each virtual server:

    # Virtual Host configuration for www.company.com
    #
    server {
        listen 80;
        server_name www.company.com;

        access_log /var/log/nginx/www.company.com-access.log;
        error_log /var/log/nginx/www.company.com-error.log;

        root /var/www/www.company.com/current;
        index  index.html index.htm;

        # Let's Encrypt Challenge
        location ~ /.well-known {
          allow all;
          root /var/www/letsencrypt;
        }

        location / {
          rewrite ^/(.*)$ https://www.company.com/$1 permanent;
          rewrite ^/$ https://www.company.com/ permanent;
        }
    }

    server {
        listen 80;
        server_name company.com;

        access_log /var/log/nginx/www.company.com-access.log;
        error_log /var/log/nginx/www.company.com-error.log;

        root /var/www/www.company.com/current;
        index  index.html index.htm;

        # Let's Encrypt Challenge
        location ~ /.well-known {
          allow all;
          root /var/www/letsencrypt;
        }

        location / {
          rewrite ^/(.*)$ https://company.com/$1 permanent;
          rewrite ^/$ https://company.com/ permanent;
        }
    }

    server {
        listen 443 ssl http2;
        server_name company.com;

        access_log /var/log/nginx/www.company.com-access.log;
        error_log /var/log/nginx/www.company.com-error.log;

        # Letsencrypt SSL certificate
        ssl_certificate     /etc/letsencrypt/live/www.company.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/www.company.com/privkey.pem;

        # Connection credentials caching
        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 180m;

        # Strict Transport Security
        # => Tell the client to remember that this is a https site
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

        root /var/www/www.company.com/current;
        index  index.html index.htm;

        location / {
          rewrite ^/(.*)$ https://www.company.com/$1 permanent;
          rewrite ^/$ https://www.company.com/ permanent;
        }
    }

    server {
        listen 443 ssl http2;
        server_name www.company.com;

        access_log /var/log/nginx/www.company.com-access.log;
        error_log /var/log/nginx/www.company.com-error.log;

        # Letsencrypt SSL certificate
        ssl_certificate     /etc/letsencrypt/live/www.company.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/www.company.com/privkey.pem;

        # Connection credentials caching
        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 180m;

        # Strict Transport Security
        # => Tell the client to remember that this is a https site
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;

        root /var/www/www.company.com/current;
        index  index.html index.htm;

        location / {
          expires 7d;
          add_header Cache-Control public;

          try_files $uri $uri/ =404;
        }
    }

推荐答案

NGINX常见问题解答文档，说明您不能在config中使用变量.

The NGINX FAQ documents that you can't use variables in config.

问:是否存在使用nginx变量使配置部分更短，使用它们作为宏来使配置部分作为模板工作的正确方法?

Q: Is there a proper way to use nginx variables to make sections of the configuration shorter, using them as macros for making parts of configuration work as templates?

A:不应将变量用作模板宏.在处理每个请求的过程中会在运行时对变量进行评估，因此与纯静态配置相比，它们的成本很高.使用变量存储静态字符串也是一个坏主意.相反，应使用宏扩展和"include"指令更轻松地生成配置，并且可以使用外部工具(例如sed + make或任何其他常见的模板机制.

A: Variables should not be used as template macros. Variables are evaluated in the run-time during the processing of each request, so they are rather costly compared to plain static configuration. Using variables to store static strings is also a bad idea. Instead, a macro expansion and "include" directives should be used to generate configs more easily and it can be done with the external tools, e.g. sed + make or any other common template mechanism.

所以这意味着您需要使用conf.d之类的模板生成器，甚至是bash脚本来自动生成这些配置.使用bash意味着您需要将每个$都转义为\$.这是使用bash的示例方法

So that means you need to use a template generator like conf.d or even bash script to automate generating these config. Using bash would mean you need to escape every single $ as \$. Here is a sample approach using bash

   # Virtual Host configuration for www.${SITE}
    #
    server {
        listen 80;
        server_name www.${SITE};

        access_log /var/log/nginx/www.${SITE}-access.log;
        error_log /var/log/nginx/www.${SITE}-error.log;

        root /var/www/www.${SITE}/current;
        index  index.html index.htm;

        # Let's Encrypt Challenge
        location ~ /.well-known {
          allow all;
          root /var/www/letsencrypt;
        }

        location / {
          rewrite ^/(.*)\$ https://www.${SITE}/\$1 permanent;
          rewrite ^/\$ https://www.${SITE}/ permanent;
        }
    }

    server {
        listen 80;
        server_name company.com;

        access_log /var/log/nginx/www.${SITE}-access.log;
        error_log /var/log/nginx/www.${SITE}-error.log;

        root /var/www/www.${SITE}/current;
        index  index.html index.htm;

        # Let's Encrypt Challenge
        location ~ /.well-known {
          allow all;
          root /var/www/letsencrypt;
        }

        location / {
          rewrite ^/(.*)\$ https://${SITE}/\$1 permanent;
          rewrite ^/\$ https://${SITE}/ permanent;
        }
    }

site.sh

#!/bin/bash

generate_site_config() {
   echo generating config for $1 in $1.conf
   IN=site.template
   OUT=$1.conf
   SITE=$1 eval "cat <<EOF
   $(cat $IN)
EOF" > $OUT
}

generate_site_config $1

然后生成如下所示的配置

Then generate the config like below

$ sh site.sh tarunlalwani.com
generating config for tarunlalwani.com in tarunlalwani.com.conf

生成配置如下所示

  # Virtual Host configuration for www.tarunlalwani.com
#
server {
    listen 80;
    server_name www.tarunlalwani.com;

    access_log /var/log/nginx/www.tarunlalwani.com-access.log;
    error_log /var/log/nginx/www.tarunlalwani.com-error.log;

    root /var/www/www.tarunlalwani.com/current;
    index  index.html index.htm;

    # Let's Encrypt Challenge
    location ~ /.well-known {
      allow all;
      root /var/www/letsencrypt;
    }

    location / {
      rewrite ^/(.*)$ https://www.tarunlalwani.com/$1 permanent;
      rewrite ^/$ https://www.tarunlalwani.com/ permanent;
    }
}

server {
    listen 80;
    server_name company.com;

    access_log /var/log/nginx/www.tarunlalwani.com-access.log;
    error_log /var/log/nginx/www.tarunlalwani.com-error.log;

    root /var/www/www.tarunlalwani.com/current;
    index  index.html index.htm;

    # Let's Encrypt Challenge
    location ~ /.well-known {
      allow all;
      root /var/www/letsencrypt;
    }

    location / {
      rewrite ^/(.*)$ https://tarunlalwani.com/$1 permanent;
      rewrite ^/$ https://tarunlalwani.com/ permanent;
    }
}

这篇关于DRY虚拟Web服务器配置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！