全配置
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
# 开启gzip,压缩静态资源,提升访问速度
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 9;
gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php application/javascript application/json;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
# 项目高可用配置
upstream admin{
server 127.0.0.1:8080 weight=1 max_fails=2 fail_timeout=1;
server 127.0.0.1:9080 weight=1 max_fails=2 fail_timeout=1;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name testdomain.com;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
# 链接直接转发到项目
location /{
proxy_pass http://127.0.0.1:8080/admin/;
proxy_cookie_path ~*^/.* /;
proxy_set_header Host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /admin {
proxy_pass http://admin;
proxy_set_header Host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 5;
proxy_read_timeout 5;
proxy_send_timeout 5;
proxy_ignore_client_abort on;
proxy_next_upstream timeout;
}
# 正则处理链接 /img/F166666666_240x180.jpg 会指向本地路径/home/img/F1/66666666.jpg文件
# 图片会按照宽高240x180等比缩放,压缩率75
location ~ /img/(.*)_(\d+)x(\d+)(.*)$ {
root /;
rewrite ^/img/(\S)(\S)(.*)_(\d+)x(\d+)(.*)$ /home/imgs/$1$2/$3$6 break;
image_filter resize $4 $5;
image_filter_buffer 50M;
image_filter_jpeg_quality 75;
}
# 正则处理链接 /img/F166666666_240.jpg 会指向本地路径/home/img/F1/66666666.jpg文件
# 图片会按照宽240等比缩放,压缩率75
location ~ /img/(.*)_(\d+)(\.(.*))$ {
root /;
rewrite ^/img/(\S)(\S)(.*)_(\d+)(\.(.*))$ /home/imgs/$1$2/$3$5 break;
image_filter resize $4 -;
image_filter_buffer 50M;
image_filter_jpeg_quality 75;
}
# 正则处理链接 /img/F166666666.jpg 会指向本地路径/home/img/F1/66666666.jpg文件
location ~ /img/(.*)$ {
root /;
rewrite ^/img/(\S)(\S)(.*)$ /home/imgs/$1$2/$3 break;
}
# 正则处理视频
location /video {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET';
root /;
rewrite ^/video/(.*)$ /home/videos/$1 break;
limit_rate_after 5m; #缓冲5M数据
limit_rate 400k; #超过5M后按400K限制下载速度
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
server_name ~^(?<subdomain>.+)\.testdomain\.com$;
location =/ {
rewrite ^ http://$host/admin?ct=$subdomain break;
}
}
}
rewrite 从server_name获取二级域名
server {
listen 80;
server_name ~^(?<subdomain>.+)\.testdomain\.com$;
location =/ {
rewrite ^ http://$host/admin?ct=$subdomain break;
}
}
当访问:http://my1.testdomain.com时,会跳转到http://my1.testdomain.com/admin?ct=my1这个链接中
Http请求重定向到https
server {
listen 80;
server_name baidu.com www.baidu.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
...
}
Nginx设置网页中的http请求升级为https
sub_filter_once off;
sub_filter '<head>' '<head><meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">';
location /{
...
}
Nginx代理websocket请求
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
location /wb {
proxy_pass http://127.0.0.1:6666;
proxy_http_version 1.1;
proxy_connect_timeout 630s;
proxy_read_timeout 630s;
proxy_send_timeout 630s;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)