我整理的一份来自于线上的Nginx配置(Nginx.conf),希望对学习Nginx的有帮助
程序员文章站
2022-05-26 14:20:01
我整理了一份Nginx的配置文件说明,是真正经历过正式线上考验过。如果有优化的地方,也请朋友们指点一二,整理出一份比较全而实用的配置。 主要包含配置:负载均衡配置,页面重定向,转发,HTTPS和HTTP的配置, 缓存优化,错误页面配置等。 后续也会继续完善此配置,大家在配置的时候,基本上可以满足应用 ......
我整理了一份nginx的配置文件说明,是真正经历过正式线上考验过。如果有优化的地方,也请朋友们指点一二,整理出一份比较全而实用的配置。
主要包含配置:负载均衡配置,页面重定向,转发,https和http的配置, 缓存优化,错误页面配置等。
#user nobody; #工作进程,于cpu核数一致 worker_processes 2; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { # 设置可连接数 worker_connections 2048; #优化同一时刻只有一个请求而避免多个睡眠进程被唤醒的设置,on为防止被同时唤醒,默认为off,因此nginx刚安装完以后要进行适当的优化。 accept_mutex on; #打开同时接受多个新网络连接请求的功能 multi_accept on; } http { include mime.types; default_type application/octet-stream; #隐藏nginx的版本号 server_tokens off; #日志格式 log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; #日志保存 access_log logs/access.log main; sendfile on; tcp_nopush on; #保持连接超时时间 keepalive_timeout 60; # 启动内容压缩,有效降低网络流量 gzip on; # 过短的内容压缩效果不佳,压缩过程还会浪费系统资源 gzip_min_length 1000; # 可选值1~9,压缩级别越高压缩率越高,但对系统性能要求越高 gzip_comp_level 4; # 压缩的内容类别 gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; # 静态文件缓存 open_file_cache max=65535 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 2; #server { # listen 80; # server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; # location / { # root html; # index index.html index.htm; # } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # # error_page 500 502 503 504 /50x.html; # location = /50x.html { # root html; # } # proxy the php scripts to apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the php scripts to fastcgi server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param script_filename /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} # } # another virtual host using mix of ip-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} #负载均衡 使用ip_hash策略,集群部署 upstream raysonblog.cn { server 123.45.678.901:8081 weight=10 max_fails=1 fail_timeout=10s; server 123.45.678.902:8089 weight=5 max_fails=1 fail_timeout=10s; } # https server server { listen 443 ssl; server_name www.raysonblog.cn; # 开启 ssl ssl on; # 指定 ssl 证书路径 ssl_certificate cert/www.raysonblog.cn_bundle.crt; # 指定私钥文件路径 ssl_certificate_key cert/raysonblog.cn.key; ssl_session_timeout 5m; ssl_ciphers ecdhe-rsa-aes128-gcm-sha256:ecdhe:ecdh:aes:high:!null:!anull:!md5:!adh:!rc4; ssl_protocols tlsv1 tlsv1.1 tlsv1.2; ssl_prefer_server_ciphers on; proxy_http_version 1.1; proxy_set_header upgrade $http_upgrade; # 支持websocket proxy_set_header connection "upgrade"; # 支持websocket proxy_set_header host $host:$server_port; proxy_set_header x-forwarded-server $host; proxy_set_header x-real-ip $remote_addr; proxy_set_header x-forwarded-proto $scheme; # 真实用户访问协议 proxy_set_header remote-host $remote_addr; proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for; proxy_max_temp_file_size 0; # 配置缓存 client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 18000; proxy_send_timeout 18000; proxy_read_timeout 18000; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; # 处理/项目名a/a.jsp重定向到/项目名b/b.jsp location = /项目名a/a.jsp { rewrite . /项目名b/b.jsp permanent; # permanent 永久 } location /项目名c { # 转发 proxy_pass http://127.0.0.1:8080/项目名c; } location /项目名d { #转发 proxy_pass http://127.0.0.1:8080/项目名d; } location /blog { # 负载均衡跟upstream 的配置一致 proxy_pass http://raysonblog.cn/blog; } } # http server server {# 服务名及配置,一个服务下可以有多个location用来表示不同的反向代理 listen 80; # 端口号 server_name www.raysonblog.cn; #主机名,默认是本主机 proxy_http_version 1.1; proxy_set_header upgrade $http_upgrade; proxy_set_header connection "upgrade"; proxy_set_header host $host:$server_port; proxy_set_header x-forwarded-server $host; proxy_set_header x-real-ip $remote_addr; proxy_set_header x-forwarded-proto $scheme; # 真实用户访问协议 proxy_set_header remote-host $remote_addr; proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for; proxy_max_temp_file_size 0; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 18000; proxy_send_timeout 18000; proxy_read_timeout 18000; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; location = /mp_verify_1wqwq.txt { root weixin; #weixin是nginx目录下html文件里的weixin文件夹 } # 处理/项目名a/a.jsp重定向到/项目名b/b.jsp location = /项目名a/a.jsp { rewrite . /项目名b/b.jsp permanent; # permanent 永久 } location /项目名c { # 转发 proxy_pass http://127.0.0.1:8080/项目名c; } location /项目名d { #转发 proxy_pass http://127.0.0.1:8080/项目名d; } location /blog { # 负载均衡跟upstream 的配置一致 proxy_pass http://raysonblog.cn/blog; } } }
后续也会继续完善此配置,大家在配置的时候,基本上可以满足应用了。。。
微信关注:“java技术干货”,或扫下方二维码。即刻关注,不迷路。