欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Nginx

程序员文章站 2022-06-11 16:12:01
...
Nginx

下载nginx,安装完成后查看其目录结构:
client_body_temp	
fastcgi_temp
logs
sbin // 启动 关闭目录
uwsgi_temp
conf // 配置文件所在文件夹
html // index.html 默认显示页面
proxy_temp
scgi_temp


sbin目录下 启动: sudo ./nginx 关闭: sudo ./nginx -s stop


配置文件:



#user nobody;
worker_processes auto;
worker_rlimit_nofile 100000;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid logs/nginx.pid;


events {
worker_connections 100000;
multi_accept on;
use epoll;
}

http {

// 配置集群
upstream tomcat {
server 192.168.31.10:8080 weight=10;
server 192.168.31.11:8081 weight=10;
server 192.168.31.12:8082 weight=10;
}

upstream touch{
server 127.0.0.1:32222;
}

include mime.types;
include /opt/nginx-1.8.0/conf/proxy.conf;
default_type application/octet-stream;

#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;
server_tokens off;
sendfile on;
tcp_nopush on;
access_log off;
#keepalive_timeout 0;
keepalive_timeout 10;
client_header_timeout 10;
client_body_timeout 10;
reset_timedout_connection on;
send_timeout 10;
limit_conn_zone $binary_remote_addr zone=addr:5m;
limit_conn addr 60000;
charset UTF-8;

gzip on;
# gzip_static on;
gzip_disable "msie6";
gzip_proxied any;
gzip_min_length 1000;
gzip_comp_level 4;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# cache informations about file descriptors, frequently accessed files
# can boost performance, but you need to test those values
open_file_cache max=100000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
include /opt/nginx-1.8.0/conf.d/*.conf;
include /opt/nginx-1.8.0/sites-enabled/*;

server {
listen 80;
server_name fruit.tunnel.qydev.com;

#charset koi8-r;

#access_log logs/host.access.log main;


location /admin {
# root html;
# index index.html index.htm;
proxy_pass http://tomcat/admin; // 反向代理
}

location /hsh {
proxy_pass http://touch/hsh;
}


location /mobile {
proxy_pass http://192.168.31.161:8080/mobile;
}

location /uicw {
proxy_pass http://192.168.31.161:8080/uicw;
}

location /trans {
proxy_pass http://192.168.31.161:8080/trans;
}

// 访问静态资源
location /images {
alias /data/fruit/images; // 访问路径: /data/fruit/images
expires 7d;
}


#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}


# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;

# location / {
# root html;
# index index.html index.htm;
# }
#}




server {
charset utf-8;
listen 5555;
server_name localhost;
#location ~* \.(eot|ttf|woff)$ {
# add_header Access-Control-Allow-Origin *;
#}

location /admin/store/maintenance {
#add_header Access-Control-Allow-Origin *;
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1;
}
location /admin/store/enroll {
#add_header Access-Control-Allow-Origin *;
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1;
}
location /admin/help/store/video {
#add_header Access-Control-Allow-Origin *;
proxy_pass http://tomcat1;
}
location /admin/help/agent/video {
#add_header Access-Control-Allow-Origin *;
proxy_pass http://tomcat1;
}
location /admin/agent/store/management{
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1;
}

location /admin/agentManager/store/management{
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1;
}

location /admin/agent/help/video{
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1;
}

location /admin/agentManager/help/video{
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1;
}


location /{
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ https://192.168.31.161/$1 redirect;
}
}

# HTTPS server
#
server {
charset utf-8;
access_log logs/https_access.log;
listen 443 ssl;
server_name localhost;
ssl on;
ssl_certificate /opt/nginx-1.8.0/sslkey/server.crt;
ssl_certificate_key /opt/nginx-1.8.0/sslkey/server.key;

ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /opt/nginx-1.8.0/sslkey/startssl_trust_chain.crt;
resolver 61.177.7.1 8.8.8.8 8.8.4.4;

add_header Strict-Transport-Security "max-age=31536000";

#location ~* \.(eot|ttf|woff)$ {
# add_header Access-Control-Allow-Origin *;
#}

location /admin/store/maintenance {
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ http://192.168.31.161:5555/$1 permanent;
}

location /admin/store/enroll{
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ http://192.168.31.161:5555/$1 permanent;
}

location /admin/help/store/video{
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ http://192.168.31.161:5555/$1 permanent;
}

location /admin/agent/store/management{
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ http://192.168.31.161:5555/$1 permanent;
}

location /admin/agentManager/store/management{
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ http://192.168.31.161:5555/$1 permanent;
}

location /admin/agent/help/video{
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ http://192.168.31.161:5555/$1 permanent;
}

location /admin/agentManager/help/video{
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ http://192.168.31.161:5555/$1 permanent;
}
location /admin/help/agent/video{
#root html;
#index index.html index.htm;
rewrite ^/(.*)$ http://192.168.31.161:5555/$1 permanent;
}
location /admin {
add_header Access-Control-Allow-Origin http://192.168.31.161:5555;
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1/admin;
}
}


server {
charset utf-8;
listen 9090 ssl;
server_name localhost;

ssi on;
ssi_silent_errors on;
ssi_types text/shtml;

ssl_certificate /opt/nginx-1.8.0/ca/server/server.crt;
ssl_certificate_key /opt/nginx-1.8.0/ca/server/server.key;
ssl_client_certificate /opt/nginx-1.8.0/ca/private/ca.crt;

ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /opt/nginx-1.8.0/sslkey/startssl_trust_chain.crt;
resolver 61.177.7.1 8.8.8.8 8.8.4.4;

add_header Strict-Transport-Security "max-age=31536000";

location /mobile {
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1/mobile;
}
location /storemobile {
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1/storemobile;
}
location /agentmobile {
#root html;
#index index.html index.htm;
proxy_pass http://tomcat1/agentmobile;
}
}


server {
listen 7777;
server_name localhost;

#charset koi8-r;

#access_log logs/host.access.log main;

location /mobile/html {

proxy_pass http://tomcat1/mobile/html;
}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}

}