首页 > 系统相关 >nginx rewrite

nginx rewrite

时间:2024-01-22 19:11:23浏览次数:49  
标签:set http header rewrite request nginx add proxy 

server {
    listen       443 ssl;
    listen  [::]:443 ssl;
    server_name  localhost;

    ssl_certificate  cert/server.crt;
    ssl_certificate_key cert/server.key;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    location /authSignature {
        internal; # 只允许内部调用,外部调用报404
        proxy_pass $auth_request_uri;

        proxy_pass_request_body off; # 不向上游发送包体
        proxy_set_header Content-Length ""; # 同上,看情况加或不加
        proxy_set_header X-Original-URI $request_uri; # 传递真实请求路径
        proxy_set_header X-Original-Remote-Addr $remote_addr; # 传递真实访问者地址
        proxy_set_header X-Original-Host $host; # 传递真实请求地址
    }

    location /archive/file/ {
        auth_request /authSignature;
        set $auth_request_uri "http://192.168.50.106:32000/auth/signature?$query_string";
        #auth_request_set $user $upstream_http_x_forwarded_user;
        #proxy_set_header X-User $user; # 可以传递Header
        #add_header Set-Cookie $user; # 可以传递Cookie
        add_header X-Frame-Options SAMEORIGIN;
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

        if ($request_method = 'OPTIONS') {
            return 204;
        }
        proxy_pass http://192.168.50.106:31200/;
        proxy_read_timeout 1800;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
    }

    location /archive/oss/ {
        auth_request /authSignature;
        set $auth_request_uri "http://192.168.50.106:32000/auth/signature?$query_string";
        #auth_request_set $user $upstream_http_x_forwarded_user;
        #proxy_set_header X-User $user; # 可以传递Header
        #add_header Set-Cookie $user; # 可以传递Cookie
        add_header X-Frame-Options SAMEORIGIN;
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

        if ($request_method = 'OPTIONS') {
            return 204;
        }

        if ($args ~* (.*&|^)X-REQUEST-ID=[^&]*(.*)) {
            set $args $1;
        }

        rewrite ^/archive/oss/(.*)$ /$1?$args break;

        proxy_pass http://192.168.50.112:48080/;
        proxy_read_timeout 1800;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

 

server {
    listen       443 ssl;
    listen  [::]:443 ssl;
    server_name  localhost;

    ssl_certificate  cert/server.crt;
    ssl_certificate_key cert/server.key;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    location /authSignature {
        internal; # 只允许内部调用,外部调用报404
        proxy_pass $auth_request_uri;

        proxy_pass_request_body off; # 不向上游发送包体
        proxy_set_header Content-Length ""; # 同上,看情况加或不加
        proxy_set_header X-Original-URI $request_uri; # 传递真实请求路径
        proxy_set_header X-Original-Remote-Addr $remote_addr; # 传递真实访问者地址
        proxy_set_header X-Original-Host $host; # 传递真实请求地址
    }

    location /archive/file/ {
        auth_request /authSignature;
        set $auth_request_uri "http://192.168.50.106:32000/auth/signature?$query_string";
        #auth_request_set $user $upstream_http_x_forwarded_user;
        #proxy_set_header X-User $user; # 可以传递Header
        #add_header Set-Cookie $user; # 可以传递Cookie
        add_header X-Frame-Options SAMEORIGIN;
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

        if ($request_method = 'OPTIONS') {
            return 204;
        }

        if ($args ~* (.*&|^)(&)X-REQUEST-ID=[^&]*(.*)) {
            set $args $1;
        }

        rewrite ^/archive/file/(.*)$ /$1?$args break;

        proxy_pass http://192.168.50.106:31200/;
        proxy_read_timeout 1800;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
    }

    location /archive/oss/ {
        auth_request /authSignature;
        set $auth_request_uri "http://192.168.50.106:32000/auth/signature?$query_string";
        #auth_request_set $user $upstream_http_x_forwarded_user;
        #proxy_set_header X-User $user; # 可以传递Header
        #add_header Set-Cookie $user; # 可以传递Cookie
        add_header X-Frame-Options SAMEORIGIN;
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

        if ($request_method = 'OPTIONS') {
            return 204;
        }

        if ($args ~* (.*&|^)(&)X-REQUEST-ID=[^&]*(.*)) {
            set $args $1;
        }

        rewrite ^/archive/oss/(.*)$ /$1?$args break;

        proxy_pass http://192.168.50.112:48080/;
        proxy_read_timeout 1800;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto http;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}

 

标签:set,http,header,rewrite,request,nginx,add,proxy
From: https://www.cnblogs.com/exmyth/p/17980777

相关文章

  • 将jupyter notebook通过nginx代理
    最近要学习数据分析,就需要一个jupyternotebook环境,由于不想在公司和家里的环境来回切换,正好有台公网服务器,就将jupyternotebook部署到服务器上,然后通过nginx代理处理。期间踩了好多坑,现记录如下。一、安装jupyternotebookpip3installjupyter二、配置jupyter1、配置......
  • nginx
    记录使用nginx调试遇到的问题在Azure的UbuntuVM上,安装一个nginx,搭建一个网络,提供https访问,设置证书,自动刷新证书,安装docker,同时docker中运行一个网站。总结遇到的坑。申请证书安装Certbot跟Nginx插件sudoapt-getupdatesudoapt-getinstallsoftware-prop......
  • 比Nginx更好用的Gateway!
    比Nginx更好用的Gateway!Token新开源Gateway,使用yarp实现的一个反向代理,支持界面操作动态添加集群添加路由绑定,并且支持动态添加域名绑定https证书,超强yarp+FreeSql+MiniApis纯原生接口实现。功能亮点在线配置域名证书:实时生效,无需重启服务。集群和路由的在线配置:动态添加和修......
  • NGINX sub_filter和subs_filter 指令讲解
    目录一、概述二、nginx环境部署三、sub_filter四、subs_filter一、概述在NGINX中,sub_filter和subs_filter是两个用于替换响应内容中字符串的指令,它们主要用于反向代理和修改响应内容。下面是它们之间的主要区别:sub_filter是基本的字符串替换,不支持正则表达式。subs_fi......
  • 前后端都用得上的 Nginx 日常使用经验-补充篇
    之前分享了前后端都用得上的Nginx日常使用经验,在配置elk的时候增加了nginxbasicauth和IP百名的配置,作为补充分享。配置nginx域名转发常规的转发配置,不需要https部分去掉即可,一般只需要修改域名和转发地址server{listen80;listen443ssl;s......
  • nginx反向代理时报no resolver defined to resolve
    错误日志2024/01/1105:29:22[error]29#29:*44noresolverdefinedtoresolvewww.test.com,client:127.0.0.1,server:_,request:"GET/test/123HTTP/1.1",host:"127.0.0.1:8080"nginx配置server{listen8080;server_name_;locatio......
  • nginx反向代理时报no resolver defined to resolve
    错误日志2024/01/1105:29:22[error]29#29:*44noresolverdefinedtoresolvewww.test.com,client:127.0.0.1,server:_,request:"GET/test/123HTTP/1.1",host:"127.0.0.1:8080"nginx配置server{listen8080;server_name_;locatio......
  • nginx设置开机启动后配置没生效 | selinux不限制nginx
    1现象给nginx配置负载均衡后,使用/usr/sbin/nginx启动nginx的话,负载均衡有效;但是给nginx配置好了开机启动后,重启机器,nginx正常启动,但是负载均衡不生效了。kill了nginx进程,再使用/usr/sbin/nginx重新启动nginx,负载均衡又有效了。(PS:本人nginx是centos7下yum安装的) 先查询状态sys......
  • nginx 命令行启动成功, systemd启动失败
    通过一下方式解决问题:https://serverfault.com/questions/759175/nginx-hangs-using-service-nginx-start 使用./nginx启动成功,但是使用systemd配置启动失败,以下是配置文件:sudonano/etc/systemd/system/nginx.service[Unit]Description=TheNGINXHTTPandrevers......
  • nginx 关闭TLS 1.0 TLS 1.1
    server{listen443ssl;server_namewww.XXX.com;proxy_read_timeout3600s;#设置读取超时时间ssl_certificateC:/xxxx.pem;ssl_certificate_keyC:/xxxx.key;ssl_session_cache......

赞助商

阅读排行

网站主页关于我们联系我们网站地图

本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。

Copyright © 2020-2023 IPS99 版权所有 IPS99