nginx配置多域名 https 转发
程序员文章站
2022-06-11 11:56:41
...
场景:
1、基于https的请求,是不能够请求http的非安全内容,所以我们的请求也需要对应的http
2、假设现在 web服务跟后台服务部署正在同一台机器上
web应用域名 a.xxx.com
后台服务网关域名 b.xxx.com
nginx配置文件:
user root;
worker_processes 4;
worker_cpu_affinity 0001 0010 0100 1000;
events {
use epoll;
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
server {
listen 80;
server_name a.xxx.com;
location / {
root dq-game-web ;
try_files $uri $uri/ @rewrite;
}
#301重定向 让http请求转定向到https地址
return 301 https://$server_name$request_uri;
# location @rewrite {
# rewrite ^.*$ /index.html last;
# }
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 443 ssl;
server_name a.xxx.com;
ssl_certificate /usr/local/nginx/ssl/xxx.pem;
ssl_certificate_key /usr/local/nginx/ssl/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
add_header Access-Control-Allow-Methods *;
add_header Access-Control-Allow-Origin $http_origin;
root xxx;
try_files $uri $uri/ @rewrite;
}
location @rewrite {
rewrite ^.*$ /index.html last;
}
}
server {
listen 443 ssl;
server_name b.xxxt.com;
ssl_certificate /usr/local/nginx/ssl/xxx.pem;
ssl_certificate_key /usr/local/nginx/ssl/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#转到到本地网关
proxy_pass http://localhost:18889;
}
}
}