请参考如下内容:
//////////////////////////////////////begin//////////////////////////////////////
#user nobody;
worker_processes 8;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 4096;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
#limit_zone ofmag_down $binary_remote_addr 10m;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
gzip on;
#gzip_min_length 1k;
gzip_min_length 0;
gzip_buffers 4 16k;
gzip_comp_level 3;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/vnd.ms-fontobject application/x-font-ttf image/svg+xml;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
upstream webtoolsserver {
ip_hash;
server 192.168.0.89:8443 max_fails=3 fail_timeout=30s;
server 192.168.0.87:8443 max_fails=3 fail_timeout=30s;
}
upstream imagesserver {
#the default strategy is round-robin
#ip_hash;
least_conn;
server 192.168.0.89:8080 max_fails=3 fail_timeout=30s;
server 192.168.0.87:8080 max_fails=3 fail_timeout=30s;
}
upstream espluginserver {
ip_hash;
server 192.168.0.43:9200 max_fails=3 fail_timeout=30s;
server 192.168.0.87:9200 max_fails=3 fail_timeout=30s;
}
###for http protocol
server {
listen 80;
server_name demo.yourdomain.com;
# ## setting http header property =begin=
server_tokens off;
add_header Cache-Control 'no-cache, no-store, must-revalidate';
add_header X-XSS-Protection '1; mode=block';
add_header X-Content-Type-Options 'nosniff';
add_header X-Frame-Options 'sameorigin';
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
add_header Expires '-1';
add_header Pragma 'no-cache';
add_header X-Permitted-Cross-Domain-Policies 'master-only';
# ## setting http header property =end=
# fragement for ssl =begin=
# rewrite ^(.*)$ https://$host$1 permanent;
# error_page 497 https://$host$uri?$args;
# return 301 https://$server_name$request_uri;
# fragement for ssl =end=
#charset koi8-r;
#access_log logs/host.access.log main;
#
location ^~/_ {
allow 192.168.1.0/24;
deny all;
proxy_pass http://espluginserver;
proxy_redirect default;
proxy_connect_timeout 90;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
root html;
index index.html index.htm;
}
location /images/{
proxy_pass http://imagesserver;
proxy_redirect default;
proxy_connect_timeout 90;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
root html;
index index.html index.htm;
}
location /webtools/{
allow 152.68.88.180;
allow 152.68.88.135;
allow 128.70.82.242;
allow 128.196.206.32;
deny all;
return 301 https://$server_name$request_uri;
proxy_pass https://webtoolsserver;
proxy_redirect default;
proxy_connect_timeout 90;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
root html;
index index.html index.htm;
}
###proxy path / in the last block
location / {
return 301 https://$server_name$request_uri;
proxy_pass http://webserver;
proxy_redirect default;
proxy_connect_timeout 90;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
root html;
index index.html index.htm;
}
#not configure ofmag's api proxy
location = /favicon.ico {
root html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
####for https protocol
server {
server_name demo.yourdomain.com;
# fragement for ssl =begin=
listen 443 ssl;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_certificate /opt/nginx/conf/server.crt;
ssl_certificate_key /opt/nginx/conf/server.key;
ssl_prefer_server_ciphers on;
# fragement for ssl =end=
#charset koi8-r;
#access_log logs/host.access.log main;
#
location /images/{
proxy_pass http://imagesserver;
proxy_redirect default;
proxy_connect_timeout 90;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
root html;
index index.html index.htm;
}
location /webtools/{
proxy_pass https://webtoolsserver;
proxy_redirect default;
proxy_connect_timeout 90;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
//////////////////////////////////////end////////////////////////////////////////
分享到:
相关推荐
例如,使用Apache HTTP Server或Nginx,需要配置SSL证书和私钥,并启用HTTPS监听。Java中,可以使用`org.apache.tomcat.util.net.jsse.NioEndpoint`和`org.apache.coyote.http11.Http11NioProtocol`等类搭建基于...
- **配置Nginx**:编辑Nginx配置文件`/etc/nginx/nginx.conf`,添加FastDFS相关配置。 ```nginx location /group1/M00 { root /usr/local/nginx/html; fastdfs_store_path /data/fastdfs/data; } ``` 通过...
- 编辑Nginx配置文件 ```bash vim /usr/local/nginx/conf/nginx.conf ``` 在`http`块内添加FastDFS模块的相关配置,例如: ```nginx server { listen 80; server_name localhost; location / { root html...
Web服务器是一种软件程序,如Apache、Nginx或Microsoft IIS,它们运行在服务器端,监听特定端口(通常是80或443),等待客户端的HTTP请求。当一个客户端(如浏览器)发起请求时,Web服务器解析请求内容,根据请求...
3. **数据库创建与导入**:在MySQL中创建一个新的数据库,并将系统提供的SQL文件导入,这通常包含了系统的初始数据结构和样例数据。 4. **配置文件修改**:在源代码中找到配置文件,一般命名为config.php或其他类似...
+ 基于Nacos做服务和配置中心,共包含用户、订单、车次、事务、网关、验证码六个服务 + :star:利用OpenFeign做同步调用,利用RabbitMQ异步调用验证码服务 ### 2. 数据库及事务 + 基于MySQL存储业务数据,相关字段...