Nginx学习笔记

反向代理

配置文件路径

1
2
sudo vim /etc/nginx/nginx.conf
sudo vim /usr/local/nginx/conf/nginx.conf

Tomcat

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
user www www;
worker_processes auto;

error_log /data/wwwlogs/error_nginx.log crit;
pid /var/run/nginx.pid;
worker_rlimit_nofile 51200;

events {
  use epoll;
  worker_connections 51200;
  multi_accept on;
}

http {
  include mime.types;
  default_type application/octet-stream;
  server_names_hash_bucket_size 128;
  client_header_buffer_size 32k;
  large_client_header_buffers 4 32k;
  client_max_body_size 1024m;
  client_body_buffer_size 10m;
  sendfile on;
  tcp_nopush on;
  keepalive_timeout 120;
  server_tokens off;
  tcp_nodelay on;

  fastcgi_connect_timeout 300;
  fastcgi_send_timeout 300;
  fastcgi_read_timeout 300;
  fastcgi_buffer_size 64k;
  fastcgi_buffers 4 64k;
  fastcgi_busy_buffers_size 128k;
  fastcgi_temp_file_write_size 128k;
  fastcgi_intercept_errors on;

  #Gzip Compression
  gzip on;
  gzip_buffers 16 8k;
  gzip_comp_level 6;
  gzip_http_version 1.1;
  gzip_min_length 256;
  gzip_proxied any;
  gzip_vary on;
  gzip_types
    text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
    text/javascript application/javascript application/x-javascript
    text/x-json application/json application/x-web-app-manifest+json
    text/css text/plain text/x-component
    font/opentype application/x-font-ttf application/vnd.ms-fontobject
    image/x-icon;
  gzip_disable "MSIE [1-6]\.(?!.*SV1)";

  ##Brotli Compression
  #brotli on;
  #brotli_comp_level 6;
  #brotli_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;

  ##If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
  #open_file_cache max=1000 inactive=20s;
  #open_file_cache_valid 30s;
  #open_file_cache_min_uses 2;
  #open_file_cache_errors on;

  log_format me '$remote_addr - [$time_iso8601] request:"$request" request_length:$request_length status_code:$status handler_time:$request_time response_length:$body_bytes_sent';
  #log_format debug '$remote_addr - [$time_iso8601] request:"$uri" args:"$args" dm:"$request_body" handler_time:$request_time response_length:$bytes_sent';
  log_format debug escape=json '{ "@timestamp": "$time_iso8601", '
                       '"remote_addr": "$remote_addr",'
                       '"uri": "$uri",'
                       '"request_time": "$request_time",'
                       '"upstream_response_time": "$upstream_response_time",'
                       '"status": $status,'
                       '"request": "$request",'
                       '"bytes":$body_bytes_sent,'
                       '"dm":$request_body }';


  upstream cloud-gateway {
    server localhost:8022;
  }

  upstream service-auth {
    server localhost:8023;
  }


######################## default ############################
  server {
    listen 80;
    listen 443 ssl;
    
    server_name _;

    # ssl证书地址
    ssl_certificate     /usr/local/nginx/cert/xxxxxx.pem;  # pem文件的路径
    ssl_certificate_key  /usr/local/nginx/cert/xxxxxx.key; # key文件的路径

    # ssl验证相关配置
    ssl_session_timeout  5m;    #缓存有效期
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;    #加密算法
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;    #安全链接可选的加密协议
    ssl_prefer_server_ciphers on;   #使用服务器端的首选算法


    #ssl on;

    #access_log /data/wwwlogs/access_nginx.log me;
    access_log /data/wwwlogs/access_nginx.log debug;
    #root /data/wwwroot/default;
    root /404.html;
    index index.html index.htm index.jsp;
    #error_page 404 /404.html;
    #error_page 502 /502.html;

    location / {
        root   html;
        index  index.html index.htm;
    }
    
    location /v1/ {
      chunked_transfer_encoding off;
      autoindex on; # 当设置为on的时候表示打开目录浏览功能
      autoindex_exact_size on; # 显示文件大小
      autoindex_localtime on; # 显示文件时间
      proxy_pass http://cloud-gateway/v1/;
      proxy_set_header X-Forwarded-Proto $scheme;              
      proxy_set_header X-Forwarded-Port $server_port;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_set_header X-NginX-Proxy true;
      proxy_redirect off;
    }

    location /oauth/ {
      chunked_transfer_encoding off;
      autoindex on; # 当设置为on的时候表示打开目录浏览功能
      autoindex_exact_size on; # 显示文件大小
      autoindex_localtime on; # 显示文件时间
      proxy_pass http://service-auth/oauth/;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Port $server_port;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_set_header X-NginX-Proxy true;
      proxy_redirect off;
      add_header Access-Control-Allow-Origin *;
      add_header Access-Control-Allow-Methods 'GET,POST,OPTIONS,PUT,DELETE';
      add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
    }

    location /nacos/ {
      proxy_pass http://localhost:8848/nacos/;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-Port $server_port;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location /files {
      alias /home/upload/files;
      autoindex on; # 当设置为on的时候表示打开目录浏览功能
      autoindex_exact_size on; # 显示文件大小
      autoindex_localtime on; # 显示文件时间
    }

    location /web/ {
      alias /home/web/;
      autoindex_exact_size on; # 显示文件大小
      autoindex_localtime on; # 显示文件时间
    }

    #location /nginx_status {
    #  stub_status on;
    #  access_log off;
    #  allow 127.0.0.1;
    #  deny all;
    #}
    #location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
    #  expires 30d;
    #  access_log off;
    #}
    #location ~ .*\.(js|css)?$ {
    #  expires 7d;
    #  access_log off;
    #}
    #location ~ {
    #  proxy_pass http://127.0.0.1:8080;
    #  include proxy.conf;
    #}
    #location ~ ^/(\.user.ini|\.ht|\.git|\.svn|\.project|LICENSE|README.md) {
    #  deny all;
    #}
  }
########################## vhost #############################
  include vhost/*.conf;
}

thinkphp

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration

server {
	listen 80 default_server;
	listen [::]:80 default_server;

	root /var/www/html;

	index index.php index.html index.htm index.nginx-debian.html;

	server_name _;
	location / {
        if (!-e $request_filename) {
	        rewrite ^/index.php(.*)$ /index.php?s=$1 last;
	        rewrite ^(.*)$ /index.php?s=$1 last;
        	break;
	    }
	}
	sendfile off;
	client_max_body_size 100m;

	location ~ \.php$ {
		root    /var/www/html/;                           #php文件所在的根目录
		index index.html index.htm index.php;
        fastcgi_pass 127.0.0.1:9000;                      #fpm监听的IP和端口
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;

	}
	location ~ .*\.(gif|jpg|jpeg|png)$ {  
	    expires 24h;  
	}

}

今日诗词

作者信息