标签:index ssl 配置 header nginx html proxy https location
# user nobody;
user root;
worker_processes 1;
worker_rlimit_nofile 51200;
events {
use epoll;
worker_connections 51200;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 1024m;
client_body_buffer_size 10m;
sendfile on;
tcp_nopush on;
keepalive_timeout 120;
server_tokens off;
tcp_nodelay on;
charset utf-8;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_intercept_errors on;
#Gzip Compression
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
text/javascript application/javascript application/x-javascript
text/x-json application/json application/x-web-app-manifest+json
text/css text/plain text/x-component
font/opentype application/x-font-ttf application/vnd.ms-fontobject
image/x-icon;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
##If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
#open_file_cache max=1000 inactive=20s;
#open_file_cache_valid 30s;
#open_file_cache_min_uses 2;
#open_file_cache_errors on;
server_name_in_redirect off;
# ip
server {
listen 80;
listen 443 ssl;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
server_name _;
# index index.html index.htm;
root /opt/dist;
ssl_certificate ./cert/6778259_scout.dhhb.com.pem;
ssl_certificate_key ./cert/6778259_scout.dhhb.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
add_header Strict-Transport-Security max-age=15768000;
#ssl_stapling on;
#ssl_stapling_verify on;
server_name_in_redirect off;
location / {
root /opt/dist/scoutweb;
index index.html;
try_files $uri $uri/ /index.html;
}
location ^~/bigScreen {
alias /opt/dist/bigScreen;
index index.html;
try_files $uri $uri/ /bigScreen/index.html;
if (-d $request_filename) {
rewrite ^/(.*)([^/])$ http://$host:9443/$1$2/ permanent;
}
}
# 接口代理
location /api {
rewrite ^/api/(.*)$ /$1 break;
# Node 服务的IP + Port
# proxy_pass http://192.168.100.55:9911;
proxy_pass http://localhost:8088/;
}
# 接口代理
location /apiBigScreen {
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://localhost:8066/;
}
location /socket/ {
proxy_pass http://localhost:8088/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
}
# 路由配置信息
# location @router {
# rewrite ^.*$ /index.html last;
# }
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# 保证icon,css等静态文件可以访问到
location ~* \.(?:ico|css|js|woff|eot|otf|ttf)$ {
# Some basic cache-control for static files to be sent to the browser
add_header Access-Control-Allow-Origin *;
}
location ~* \.(?:wav|mp3)$ {
max_ranges 0;
}
location /download {
alias /home/file/;
autoindex on;
}
#重定向到首页,因为vue单页面应用
location @rewrites {
rewrite ^(.+)$ /index.html last;
}
}
# domain
server {
listen 80;
listen 443 ssl;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers X-Requested-With;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
server_name scout.dhhb.com;
index index.html index.htm;
root /opt/dist;
ssl_certificate ./cert/6778259_scout.dhhb.com.pem;
ssl_certificate_key ./cert/6778259_scout.dhhb.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_timeout 10m;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_buffer_size 1400;
add_header Strict-Transport-Security max-age=15768000;
#ssl_stapling on;
#ssl_stapling_verify on;
server_name_in_redirect off;
if ($scheme = http) {
rewrite ^/(.*) https://$host:9443/$1 permanent;
}
location / {
root /opt/dist/scoutweb;
index index.html;
try_files $uri $uri/ /index.html;
}
location ^~/bigScreen {
alias /opt/dist/bigScreen;
index index.html;
try_files $uri $uri/ /bigScreen/index.html;
if (-d $request_filename) {
rewrite ^/(.*)([^/])$ http://$host:9443/$1$2/ permanent;
}
}
# 接口代理
location /api {
rewrite ^/api/(.*)$ /$1 break;
# Node 服务的IP + Port
# proxy_pass http://192.168.100.55:9911;
proxy_pass http://localhost:8088/;
}
# 接口代理
location /apiBigScreen {
rewrite ^/api/(.*)$ /$1 break;
proxy_pass http://localhost:8066/;
}
location /socket/ {
proxy_pass http://localhost:8088/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
}
# 路由配置信息
# location @router {
# rewrite ^.*$ /index.html last;
# }
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# 保证icon,css等静态文件可以访问到
location ~ .*\.(ico|css|js|woff|eot|otf|ttf|jpg|png)$ {
# Some basic cache-control for static files to be sent to the browser
add_header Access-Control-Allow-Origin *;
}
location ~* \.(?:wav|mp3)$ {
# add_header Access-Control-Allow-Origin *;
max_ranges 0;
}
location /download {
alias /home/file/;
autoindex on;
}
}
}
标签:index,
ssl,
配置,
header,
nginx,
html,
proxy,
https,
location
From: https://www.cnblogs.com/lifan-fineDay/p/17006007.html