nginx 配置样例

/ Annabelle
目录
nginx.conf
worker_processes  auto;

#pid        logs/nginx.pid;

events {
        use epoll;
        worker_connections 51200;
        multi_accept on;
}

http {
        include       mime.types;
        #include       fastcgi.conf;
        default_type  application/octet-stream;

        server_names_hash_bucket_size 128;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile   on;
        tcp_nopush on;

        keepalive_timeout 60;

        tcp_nodelay on;

        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 256k;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.1;
        gzip_comp_level 2;
        gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
        gzip_vary on;
        gzip_proxied   expired no-cache no-store private auth;
        gzip_disable   "MSIE [1-6]\.";

        #limit_conn_zone $binary_remote_addr zone=perip:10m;
        ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.

        server_tokens off;
        access_log off;

        include conf.d/*.conf;
}
xxx.conf

生成自签名证书,配置ssl

upstream gates {
    server 10.46.56.25:9001;
}

upstream agent-service {
    server 10.46.56.25:9101;
}

server {
    listen       10080;
    server_name  localhost;

    #charset koi8-r;

    #access_log  logs/host.access.log  main;

    location /kernelApi {
            add_header Access-Control-Allow-Headers *;
            proxy_pass http://gates;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
    #    include        fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny  all;
    #}
}

server {
        listen       10443 ssl;
        server_name  localhost;

        ssl_certificate      conf.d/server.crt;
        ssl_certificate_key  conf.d/server.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        client_max_body_size 1024m;         #主要是这个参数,限制了上传文件大大小
        client_body_buffer_size 2048k;

        location /server/ {
            proxy_pass http://agent-service;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        location /client/ {
            proxy_pass http://agent-service;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        location /api {
            add_header Access-Control-Allow-Origin *;
            proxy_pass http://gates;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
}
asset.conf
server {
        listen       8036;
        server_name  127.0.0.1 alias 10.249.44.23;
        root   /wwwroot/zctc_asset_manage/public;
        index  index.html index.htm index.php;

        location ~ .php$ {
            fastcgi_index index.php;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param  OS_STATUS TEST;
            include fastcgi_params;
            proxy_read_timeout 1800;
            fastcgi_read_timeout 1800;
        }
        location / {
#               if (!-e $request_filename){
                        try_files $uri $uri/ /index.php?$query_string;
#               }
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
        access_log  /var/log/nginx/zctc_asset_manage_access.log;
        error_log /var/log/nginx/zctc_asset_manage_error.log;

}
asset_front.conf
server {
        listen       8037;
        server_name  127.0.0.1 alias 10.249.44.23;

        location / {
        root /wwwroot/zctc_asset_front/;
        index index.html;
          if (!-e $request_filename){
                rewrite (.*) /index.html;
        }
    }
    client_max_body_size    200m;

    location /api/ {
        proxy_pass http://10.249.44.23:8036;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location /accounts/admin/login {
        #proxy_pass http://10.249.44.23:8036;
        proxy_pass http://10.249.175.1:8006/accounts/admin/login;
        proxy_set_header Host $http_host;
    }

}