# nginx.conf
user nginx; # 配置nginx worker进程个数 worker_processes auto; # 配置日志存放路径 #access_log logs/access.log warn; #error_log logs/error.log main; #pid logs/nginx.pid; # nginx事件处理模型优化 events { worker_connections 65535; # 当个进程允许的客户端最大连接数 use epoll; } # 配置nginx worker进程最大打开文件数 worker_rlimit_nofile 65535; http { # 隐藏版本号 server_tokens off; # 设置日志格式 log_format main '$http_x_forwarded_for - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" '; map $http_x_forwarded_for $clientRealIp { "" $remote_addr; ~^(?P<firstAddr>[0-9.]+),?.*$ $firstAddr; } # 开启高效文件传输模式 include mime.types; # 媒体类型 default_type application/octet-stream; # 默认媒体类型 charset utf-8; # 默认字符集 sendfile on; tcp_nopush on; # 只有在sendfile开启模式下有效 # 设置连接超时时间 keepalive_timeout 65; # 设置客户端连接保持会话的超时时间,超过则服务器会关闭该连接 tcp_nodelay on; # 打开tcp_nodelay,在包含了keepalive参数才有效果 #client_header_timeout 60s; # 设置客户端请求有超时时间,该时间内客户端未发送数据,nginx将返回‘Request time out(408)’错误 #client_body_timeout 60s; # 设置客户端请求体超时时间,同上 send_timeout 15; # 设置相应客户端的超时时间,超时nginx将会关闭连接 # 上传文件大小设置(动态引用) client_max_body_size 2m; # 数据包头部缓存大小 client_header_buffer_size 1k; #默认请求包头信息的缓存 large_client_header_buffers 4 4k; #大请求包头部信息的缓存个数与容量 # 压缩处理 gzip on; #开启压缩 gzip_min_length 1k; #小文件不压缩 gzip_comp_level 4; #压缩比率 gzip_buffers 4 16k; #压缩缓冲区大小,申请4个单位为16K的内存作为亚索结果流缓存 #对特定文件压缩,类型参考mime.types gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/x-httpd-php image/jpeg image/gif image/png; gzip_vary on; gzip_disable "MSIE[1-6]."; # 引入子配置文件 include vhost/*.conf; include proxy.conf; }
# proxy.conf
proxy_connect_timeout 300s; proxy_send_timeout 900s; proxy_read_timeout 900s; proxy_next_upstream off; proxy_buffer_size 32k; proxy_buffers 4 64k; proxy_busy_buffers_size 128k; proxy_redirect off; proxy_hide_header Vary; proxy_set_header Accept-Encoding ''; proxy_set_header Referer $http_referer; proxy_set_header Cookie $http_cookie; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade";
# ssl配置
upstream backend1 { server ip:port max_fails=3 fail_timeout=15s; server ip:port max_fails=3 fail_timeout=15s; } upstream backend2 { server ip:port max_fails=3 fail_timeout=15s; server ip:port max_fails=3 fail_timeout=15s; } server { listen 80; server_name domain ; index index.html; access_log '/data/apps/nginx/logs/access.log' main; location / { root html/front; index index.html; try_files $uri $uri/ /index.html; } location ^~ /path1/ { proxy_pass http://backend1/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect default; } location /path2/ { proxy_pass http://backend2/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect default; } } server { listen 443 ssl; server_name domain; ssl_certificate cert/domain.crt; ssl_certificate_key cert/domain.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; access_log 'logs/domain_access.log' main; location / { root html/front; index index.html; try_files $uri $uri/ /index.html; } location ^~ /path1/ { proxy_pass http://backend1/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect default; } location /path2/ { proxy_pass http://backend2/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_redirect default; } }
#
server { listen 80; server_name domain.com ; error_page 403 404 405 500 502 504 =200 /home/index.json; location / { root /home; index index.json; try_files $uri $uri/ /index.json?s=$uri&$args; } location = /home/index.json { default_type 'application/json'; set $ret_body '{ "code": "4009", "data": "<p>系统出问题了,进入维护状态</p>", "msg":"系统出问题了,进入维护状态" }'; if ( $arg_callback != "" ) { return 200 'try{$arg_callback($ret_body)}catch(e){}'; } return 200 $ret_body; } }