以下是服务的nginx配置,nginx有一个配置文件叫nginx.conf,里面可以填写每个应用的nginx配置文件的文件夹,下面是某个应用的配置文件
nginx.conf配置
#user nobody;
user root;
worker_processes 4;
worker_rlimit_nofile 655350;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
use epoll;
worker_connections 655350; ## Default: 1024
}
http {
resolver 8.8.8.8;
geo $limited {
default 1;
# 61.54.109.211 0;
}
map $limited $limit_ip {
1 $binary_remote_addr;
0 "";
}
map $limited $limit_uri {
1 $request_uri;
0 "";
}
limit_req_zone $limit_ip zone=perip:100m rate=4r/s;
limit_req_zone $limit_uri zone=perreq:100m rate=2r/m;
limit_req_status 599;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048; #TODO: to figure out
large_client_header_buffers 8 16k;
client_max_body_size 4M;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
log_format main '$remote_addr" - "[$time_local]" - "$request" - "$status" - "$body_bytes_sent" - "$http_user_agent" - " $request_time " - " $http_x_forwarded_for';
log_format report escape=json '{"realip":"$remote_addr", "localtime":"$time_local", "timestamp":"$msec","url":"$uri", "message":"$request_body"}';
##
# Gzip Settings
##
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
gzip on;
gzip_disable "msie6";
gzip_vary on;
# gzip_proxied any; #TODO: to figure out
gzip_min_length 16k;
gzip_buffers 16 64k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_types text/plain application/json application/x-javascript text/css application/xml application/lsec;
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
add_header Access-Control-Allow-Origin http://admin.work.com;
add_header Access-Control-Allow-Credentials true;
##
# Virtual Host Configs
##
# 应用配置文件存放目录
include /opt/oh-my-ngxfile/conf.d/*.conf;
include /opt/oh-my-ngxfile/sites-enabled/*;
error_page 403 404 500 502 503 504 /error.gif;
}
应用配置文件api.work.com的配置,存放在 /opt/oh-my-ngxfile/sites-enabled/ 文件夹内
# ngxin跨域配置,设置http://h5.oss.alicdn.work.com和http://work-h5.oss-cn-beijing.aliyuncs.com的请求可以跨域访问
map $http_origin $corsHost {
default 0;
"~http://h5.oss.alicdn.work.com" http://h5.oss.alicdn.work.com;
"~http://work-h5.oss-cn-beijing.aliyuncs.com" http://work-h5.oss-cn-beijing.aliyuncs.com;
}
server {
listen 80;
# ssl on;
# ssl_certificate /usr/local/nginx/ssl/21452220406.pem;
# ssl_certificate_key /usr/local/nginx/ssl/214529820406.key;
# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
# ssl_session_timeout 5m;
client_max_body_size 20m;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_prefer_server_ciphers on;
server_name work.com; # 域名
access_log logs/work.com/access.log main;
error_log logs/work.com/error.log;
# 允许跨域OPTIONS预请求
if ($request_method = 'OPTIONS') {
return 204;
}
location ~ ^/easy/api_log {
access_log logs/work.com/access.log report;
error_log logs/work.com/error.log;
#proxy_pass http://127.0.0.1:6699;
add_header Access-Control-Allow-Origin *;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_headers_hash_max_size 51200;
proxy_headers_hash_bucket_size 6400;
set_real_ip_from 100.196.0.0/19;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
include uwsgi_params;
uwsgi_pass unix:///tmp/logship.sock;
}
location / {
# 跨域设置
add_header Access-Control-Allow-Origin $corsHost;
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_headers_hash_max_size 51200;
proxy_headers_hash_bucket_size 6400;
proxy_pass http://127.0.0.1:8010;
set_real_ip_from 0.0.0.0/0;
real_ip_header X-Forwarded-For;
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 6699;
location ~ ^/shopping/api_log {
return 200;
}
}