首页 > 系统相关 >nginx 一个端口 多路由配置多项目 https 配置项

nginx 一个端口 多路由配置多项目 https 配置项

时间:2022-12-26 16:02:22浏览次数:40  
标签:index ssl 配置 header nginx html proxy https location

# user  nobody;
user root;
worker_processes 1;
worker_rlimit_nofile 51200;

events {
  use epoll;
  worker_connections 51200;
  multi_accept on;
}


http {
  include mime.types;
  default_type application/octet-stream;
  server_names_hash_bucket_size 128;
  client_header_buffer_size 32k;
  large_client_header_buffers 4 32k;
  client_max_body_size 1024m;
  client_body_buffer_size 10m;
  sendfile on;
  tcp_nopush on;
  keepalive_timeout 120;
  server_tokens off;
  tcp_nodelay on;
  charset utf-8;

  fastcgi_connect_timeout 300;
  fastcgi_send_timeout 300;
  fastcgi_read_timeout 300;
  fastcgi_buffer_size 64k;
  fastcgi_buffers 4 64k;
  fastcgi_busy_buffers_size 128k;
  fastcgi_temp_file_write_size 128k;
  fastcgi_intercept_errors on;

  #Gzip Compression
  gzip on;
  gzip_buffers 16 8k;
  gzip_comp_level 6;
  gzip_http_version 1.1;
  gzip_min_length 256;
  gzip_proxied any;
  gzip_vary on;
  gzip_types
  text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
  text/javascript application/javascript application/x-javascript
  text/x-json application/json application/x-web-app-manifest+json
  text/css text/plain text/x-component
  font/opentype application/x-font-ttf application/vnd.ms-fontobject
  image/x-icon;
  gzip_disable "MSIE [1-6]\.(?!.*SV1)";

  ##If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
  #open_file_cache max=1000 inactive=20s;
  #open_file_cache_valid 30s;
  #open_file_cache_min_uses 2;
  #open_file_cache_errors on;
  server_name_in_redirect off;


  # ip
  server {
    listen 80;
    listen 443 ssl;
    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Headers X-Requested-With;
    add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
    server_name _;
    # index index.html index.htm;
    root /opt/dist;
    ssl_certificate ./cert/6778259_scout.dhhb.com.pem;
    ssl_certificate_key ./cert/6778259_scout.dhhb.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    #ssl_stapling on;
    #ssl_stapling_verify on;

    server_name_in_redirect off;


    location / {
      root /opt/dist/scoutweb;
      index index.html;
      try_files $uri $uri/ /index.html;
    }

    location ^~/bigScreen {
      alias /opt/dist/bigScreen;
      index index.html;
      try_files $uri $uri/ /bigScreen/index.html;

      if (-d $request_filename) {
        rewrite ^/(.*)([^/])$ http://$host:9443/$1$2/ permanent;
      }

    }

    # 接口代理
    location /api {
      rewrite ^/api/(.*)$ /$1 break;
      # Node 服务的IP + Port
      # proxy_pass http://192.168.100.55:9911;
      proxy_pass http://localhost:8088/;
    }
    # 接口代理
    location /apiBigScreen {
      rewrite ^/api/(.*)$ /$1 break;
      proxy_pass http://localhost:8066/;
    }
    location /socket/ {
      proxy_pass http://localhost:8088/;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_read_timeout 86400s;
      proxy_send_timeout 86400s;
    }
    # 路由配置信息
    # location @router {
    #   rewrite ^.*$ /index.html last;
    # }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
      root html;
    }
    # 保证icon,css等静态文件可以访问到
    location ~* \.(?:ico|css|js|woff|eot|otf|ttf)$ {
      # Some basic cache-control for static files to be sent to the browser
      add_header Access-Control-Allow-Origin *;
    }
    location ~* \.(?:wav|mp3)$ {
      max_ranges 0;
    }

    location /download {
      alias /home/file/;
      autoindex on;
    }
    #重定向到首页,因为vue单页面应用
    location @rewrites {
      rewrite ^(.+)$ /index.html last;
    }

  }

  # domain
  server {
    listen 80;
    listen 443 ssl;
    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Headers X-Requested-With;
    add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
    server_name scout.dhhb.com;
    index index.html index.htm;
    root /opt/dist;
    ssl_certificate ./cert/6778259_scout.dhhb.com.pem;
    ssl_certificate_key ./cert/6778259_scout.dhhb.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    #ssl_stapling on;
    #ssl_stapling_verify on;

    server_name_in_redirect off;


    if ($scheme = http) {
      rewrite ^/(.*) https://$host:9443/$1 permanent;
    }


    location / {
      root /opt/dist/scoutweb;
      index index.html;
      try_files $uri $uri/ /index.html;
    }

    location ^~/bigScreen {
      alias /opt/dist/bigScreen;
      index index.html;
      try_files $uri $uri/ /bigScreen/index.html;

      if (-d $request_filename) {
        rewrite ^/(.*)([^/])$ http://$host:9443/$1$2/ permanent;
      }

    }

    # 接口代理
    location /api {
      rewrite ^/api/(.*)$ /$1 break;
      # Node 服务的IP + Port
      # proxy_pass http://192.168.100.55:9911;
      proxy_pass http://localhost:8088/;
    }
    # 接口代理
    location /apiBigScreen {
      rewrite ^/api/(.*)$ /$1 break;
      proxy_pass http://localhost:8066/;
    }
    location /socket/ {
      proxy_pass http://localhost:8088/;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_read_timeout 86400s;
      proxy_send_timeout 86400s;
    }
    # 路由配置信息
    # location @router {
    #   rewrite ^.*$ /index.html last;
    # }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
      root html;
    }
    # 保证icon,css等静态文件可以访问到
    location ~ .*\.(ico|css|js|woff|eot|otf|ttf|jpg|png)$ {
      # Some basic cache-control for static files to be sent to the browser
      add_header Access-Control-Allow-Origin *;
    }
    location ~* \.(?:wav|mp3)$ {
      # add_header Access-Control-Allow-Origin *;
      max_ranges 0;
    }

    location /download {
      alias /home/file/;
      autoindex on;
    }

  }
}

标签:index,ssl,配置,header,nginx,html,proxy,https,location
From: https://www.cnblogs.com/lifan-fineDay/p/17006007.html

相关文章

  • nginx 单项目 https 配置
    #usernobody;worker_processes1;worker_rlimit_nofile51200;events{#useepoll;worker_connections51200;multi_accepton;}http{includemim......
  • nginx在二级目录访问需要加/才能访问的解决办法
    nginx为什么在二级目录访问的时候要加/才能访问到比如https://scout.dhhb.com:9443/bigScreen要这样https://scout.dhhb.com:9443/bigScreen/才能访问到不加最后那个/无......
  • kdump配置详解
    1.检查当前kdump服务状态1.1检查是否已经配置加载kdump环境检查命令:grepcrashkernel/proc/cmdline结果确认:如果能看到crashkernel=auto字样,......
  • 【spring框架】application.yml配置
    #应用名称spring:servlet:multipart:max-request-size:500MB#用来控制文件上传大小的限制max-file-size:500MB#用来指定服务端最大文件大小......
  • Prometheus监控之pushgateway安装配置
    一、简介1、介绍1、pushgateway是什么pushgateway是另一种数据采集的方式,采用被动推送来获取监控数据的prometheus插件,它可以单独运行在任何节点上,并不一定要运行在被监控的......
  • CentOS 6.0 图形(图解)安装教程、基本配置、网络配置、软件源配置、安装压
    一.准备安装CentOS61.CentOS简介CentOS是甚么?CentOS是一个基于RedHat企业级Linux提供的可自由使用的源代码企业级的Linux发行版本。每个版本的CentOS都会获得七年......
  • Jenkins的安装与配置(win10)
    Jenkins是一个基于Java开发的开源的一种持续集成工具,主要用于环境部署,监控重复性的工作,旨在提供一个开放易用的软件平台,使软件项目可以进行持续集成。要想使用它,你就必须的......
  • Nginx Too many open files;limite
    报错日志2019/07/2508:31:31[crit]15929#15929:accept4()failed(24:Toomanyopenfiles)2019/07/2508:31:31[crit]15930#15930:accept4()failed(24:Toom......
  • Prometheus prometheus.yml配置文件介绍 2
    下面是prometheus.yml的一个配置示例,非默认示例,自己加了canal和ebs-python-crawler二个job#myglobalconfigglobal:scrape_interval:15s#Setthescrapeinte......
  • YonBuilder应用构建教程之移动端基础配置
    在YonBuilder中除了PC端应用的构建外,我们还可以构建配套的移动端页面。对于同一个数据实体可以实现PC端和移动端的数据同步修改,使数据录入、修改、审批等更加便捷。本篇文章......