#user root; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65;
#经过 NGINX 加载js大文件加载不全,报206 (Partial Content)错误
proxy_buffer_size 128k; proxy_buffers 32 128k; proxy_busy_buffers_size 128k; # 涓婇潰涓や釜寮€鍚�熀鏈�氨鑳借窇璧蜂簡锛屼笅闈㈢殑鎰挎剰鎶樿吘灏变簡瑙d竴涓? gzip on; #璇ユ寚浠ょ敤浜庡紑鍚�垨鍏抽棴gzip妯″潡(on/off) gzip_buffers 4 16k; #璁剧疆绯荤粺鑾峰彇鍑犱釜鍗曚綅鐨勭紦瀛樼敤浜庡瓨鍌╣zip鐨勫帇缂╃粨鏋滄暟鎹�祦銆?6 8k浠h〃浠?k涓哄崟浣嶏紝瀹夎�鍘熷�鏁版嵁澶у皬浠?k涓哄崟浣嶇殑16鍊嶇敵璇峰唴瀛? gzip_comp_level 6; #gzip鍘嬬缉姣旓紝鏁板€艰寖鍥存槸1-9锛?鍘嬬缉姣旀渶灏忎絾澶勭悊閫熷害鏈€蹇�紝9鍘嬬缉姣旀渶澶т絾澶勭悊閫熷害鏈€鎱? gzip_http_version 1.1; #璇嗗埆http鐨勫崗璁�増鏈? gzip_min_length 256; #璁剧疆鍏佽�鍘嬬缉鐨勯〉闈㈡渶灏忓瓧鑺傛暟锛岄〉闈㈠瓧鑺傛暟浠巋eader澶村緱content-length涓�繘琛岃幏鍙栥€傞粯璁ゅ€兼槸0锛屼笉绠¢〉闈㈠�澶ч兘鍘嬬缉銆傝繖閲屾垜璁剧疆浜嗕负256 gzip_proxied any; #gzip_static on; #杩欓噷璁剧疆鏃犺�header澶存槸鎬庝箞鏍凤紝閮芥槸鏃犳潯浠跺惎鐢ㄥ帇缂? gzip_vary on; #鍦╤ttp header涓�坊鍔燰ary: Accept-Encoding ,缁欎唬鐞嗘湇鍔″櫒鐢ㄧ殑 gzip_types text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml text/javascript application/javascript application/x-javascript text/x-json application/json application/x-web-app-manifest+json text/css text/plain text/x-component font/opentype font/ttf application/x-font-ttf application/vnd.ms-fontobject image/x-icon; #杩涜�鍘嬬缉鐨勬枃浠剁被鍨?杩欓噷鐗瑰埆娣诲姞浜嗗�瀛椾綋鐨勬枃浠剁被鍨? gzip_disable "MSIE [1-6].(?!.*SV1)"; proxy_temp_path /usr/local/nginx/proxy_temp_path; proxy_cache_path /usr/local/nginx/proxy_cache_path levels=1:2 keys_zone=cache_one:500m inactive=1d max_size=30g; fastcgi_connect_timeout 3000; fastcgi_send_timeout 3000; fastcgi_read_timeout 3000; fastcgi_buffer_size 256k; fastcgi_buffers 8 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_intercept_errors on; client_header_timeout 600s; client_body_timeout 600s; client_max_body_size 100m; client_body_buffer_size 256k; server { listen 443 ssl; server_name app.xxx.com; ssl_certificate cert/4219590_app.xxx.com.pem; ssl_certificate_key cert/4219590_app.xxx.com.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; #charset koi8-r; #access_log logs/host.access.log main; # location / { # root html; # index index.html index.htm; # } location / { root /var/www/html; try_files $uri $uri/ /index.html; index index.html; #璁剧疆 expires锛岃�缃�紦瀛? autoindex on; expires 7d; # 缂撳瓨 7 澶? } location /image/ { proxy_pass http://app.xxx.com:83/pandaadmin/image/; } location /paypal/pay/purchase { proxy_pass http://app.xxx.com:81/purchase/pay/paypal/success; } location /paypal/pay/parcel/order { proxy_pass http://app.xxx.com:81/parcel/order/pay/paypal/success; } location /paypal/pay/recharge { proxy_pass http://app.xxx.com:81/recharge/paypal/success; } location /paypal/pay/failed { proxy_pass http://app.xxx.com:81/paypal/pay/failed; } location /api/ { proxy_pass http://app.xxx.com:81; rewrite ^/api/(.*)$ /$1 break; include uwsgi_params; add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS'; add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,token'; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Connection close; add_header X-Xss-Protection 1; add_header X-Content-Type-Options nosniff; add_header X-Frame-Options DENY; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_max_temp_file_size 0; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ .php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ .php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /.ht { # deny all; #} } # server { # listen 443 ssl; # server_name www.xxx.com xxx.com; # ssl_certificate cert/xxx.com.pem; # ssl_certificate_key cert/xxx.com.key; # ssl_session_timeout 5m; # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; # ssl_prefer_server_ciphers on; # location / { # root /var/www/html2; # try_files $uri $uri/ /index.html; # index index.html; # #璁剧疆 expires锛岃�缃�紦瀛? # autoindex on; # expires 7d; # 缂撳瓨 7 澶? # } # location /api/ { # proxy_pass http://app.xxx.com:83; # rewrite ^/api/(.*)$ /$1 break; # include uwsgi_params; # add_header Access-Control-Allow-Origin *; # add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS'; # add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,token'; # proxy_redirect off; # proxy_set_header Host $host; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header Connection close; # add_header X-Xss-Protection 1; # add_header X-Content-Type-Options nosniff; # add_header X-Frame-Options DENY; # proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; # proxy_max_temp_file_size 0; # proxy_connect_timeout 90; # proxy_send_timeout 90; # proxy_read_timeout 90; # proxy_buffer_size 4k; # proxy_buffers 4 32k; # proxy_busy_buffers_size 64k; # proxy_temp_file_write_size 64k; # } # } server { listen 443 ssl; server_name www.xxx.com xxx.com; ssl_certificate cert/xxx.com.pem; ssl_certificate_key cert/xxx.com.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; gzip on; gzip_types text/plain application/xml text/css application/javascript; gzip_min_length 1000; location / { # expires $expires; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 1m; proxy_connect_timeout 1m; proxy_pass http://127.0.0.1:3000; #鍙嶅悜浠g悊 } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} server { listen 80; server_name app.xxx.com www.xxx.com xxx.com; #rewrite ^/(.*)$ https://${server_name}/$1 permanent; if ($host = 'app.xxx.com' ) { rewrite ^/(.*)$ https://app.xxx.com/$1 permanent; } if ($host = 'www.xxx.com' ) { rewrite ^/(.*)$ https://www.xxx.com/$1 permanent; } if ($host = 'xxx.com' ) { rewrite ^/(.*) https://www.xxx.com/$1 permanent; } } # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} include /etc/nginx/vhosts/*; }