nginx配置config
单机server段配置:
server {
listen 80; #指定端口号
server_name 域名或ip; #要访问的域名或ip
root /www/webroot/dialect_php/public; #根目录
index index.php index.html index.htm; #访问页面类型
#nginx和PHP连接
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME
d
o
c
u
m
e
n
t
r
o
o
t
document_root
documentrootfastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri
u
r
i
/
/
i
n
d
e
x
.
p
h
p
?
uri/ /index.php?
uri//index.php?query_string;
}
}
rewritej基本用法
location ~ /a/ {
#格式:rewrite regex url flag;
rewrite /a/(.)/ /a/KaTeX parse error: Expected 'EOF', got '}' at position 14: 1.php last; }̲ #根据不同的浏览器URL重写…http_user_agent ~ Firefox){
rewrite ^(.)$ /firefox/KaTeX parse error: Expected 'EOF', got '}' at position 11: 1 break; }̲ if(http_user_agent ~ MSIE){
rewrite ^(.*)$ /msie/$1 break;
}
#实现域名跳转
location / {
rewrite ^/(.*)$ https://web8.example.com$1 permanent;
关于flag:
无:继续执行当前location块,遇到其他rewrite,或者return则被覆盖
last:结束当前location块,立即用心url开始下一轮的location匹配
break:结束当前location块,并且不再进行location匹配,直接根据新url去获取资源
反向代理
location / {
proxy_pass http://127.0.0.1:8000 #发送请求到其他的服务
proxy_set_header Host $host; #设置header
proxy_set_header X-Real-IP $REMOTE_ADDR;
}
介绍:
proxy_set_header Host KaTeX parse error: Expected 'EOF', got '#' at position 7: host; #̲只要用户在浏览器中访问的域名绑…host ;host是访问URL中的域名和端口 www.taobao.com:80
proxy_set_header X-Real-IP KaTeX parse error: Expected 'EOF', got '#' at position 15: remote_addr; #̲把源IP 【remote_addr,建立HTTP连接header里面的信息】赋值给X-Real-IP;这样在代码中 $X-Real-IP来获取 源IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;#在nginx 作为代理服务器时,设置的IP列表,会把经过的机器ip,代理机器ip都记录下来,用 【,】隔开;代码中用 echo $x-forwarded-for |awk -F, ‘{print $1}’ 来作为源IP
负载均衡+反向代理
1、根据权重配置,在所有server段最前端写下代码:
upstream backend_server {
server xx.xx.xx.xx:81 weight=80;
server xx.xx.xx.xx:83 weight=90;
}
server {
listen 80; #指定端口号
server_name 域名或ip; #要访问的域名或ip
root /www/webroot/dialect_php/public; #根目录
index index.php index.html index.htm; #访问页面类型
location / {
proxy_pass http://backend_server;
proxy_set_header Host $host; #设置header
proxy_set_header X-Real-IP KaTeX parse error: Expected 'EOF', got '}' at position 15: REMOTE_ADDR; }̲ #nginx和P… {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME
d
o
c
u
m
e
n
t
r
o
o
t
document_root
documentrootfastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri
u
r
i
/
/
i
n
d
e
x
.
p
h
p
?
uri/ /index.php?
uri//index.php?query_string;
}
}
2、根据ip_hash配置
upstream backend_server {
ip_hash
server xx.xx.xx.xx:81;
server xx.xx.xx.xx:83 ;
}
server {
listen 80; #指定端口号
server_name 域名或ip; #要访问的域名或ip
root /www/webroot/dialect_php/public; #根目录
index index.php index.html index.htm; #访问页面类型
location / {
proxy_pass http://backend_server;
proxy_set_header Host $host; #设置header
proxy_set_header X-Real-IP KaTeX parse error: Expected 'EOF', got '}' at position 15: REMOTE_ADDR; }̲ #nginx和P… {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME
d
o
c
u
m
e
n
t
r
o
o
t
document_root
documentrootfastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri
u
r
i
/
/
i
n
d
e
x
.
p
h
p
?
uri/ /index.php?
uri//index.php?query_string;
}
}
静态页面访问
#静态文件,nginx自己处理,不去backend请求
location ~* /download/ {
root /apps/oa/fs;
}
location ~ .*.(gif|jpg|jpeg|bmp|png|ico|txt|js|css)$
{
root /apps/oaapp;
expires 7d;
}
user nginx;
worker_processes 2;
error_log logs/error.log;
events {
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 32k;
gzip_http_version 1.1;
gzip_comp_level 9;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/jpeg image/gif image/png application/javascript;
gzip_vary on;
sendfile on;
keepalive_timeout 65;
client_max_body_size 50m;
client_header_buffer_size 16k;
large_client_header_buffers 4 16k;
server_tokens off;
log_format json '{"timestamp":"$time_iso8601",'
'"server_addr":"$server_addr",'
'"client_ip":"$remote_addr",'
'"size":$body_bytes_sent,'
'"response_time":$request_time,'
'"upstream_time":"$upstream_response_time",'
'"upstream_host":"$upstream_addr",'
'"http_host":"$host",'
'"url":"$uri",'
'"xff":"$http_x_forwarded_for",'
'"referer":"$http_referer",'
'"user_agent":"$http_user_agent",'
'"status":"$status"}';
include vhost/*.conf;
}
vhost/www.tongxingkeji.conf
log_format tongxingkeji.com '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'$ssl_protocol $ssl_cipher '
'"$http_user_agent" $http_x_forwarded_for '
'"$upstream_addr" "$upstream_status" "$upstream_response_time" "$request_time"';
server {
listen 80;
server_name www.tongxingkeji.com;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl;
server_name www.tongxingkeji.com;
ssl_certificate ssl/lsdko.pem;
ssl_certificate_key ssl/lsdko.key;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
include whitelist.conf;
deny all;
location / {
proxy_pass http://192.168.237.129:8051;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 300s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_temp_file_write_size 256k;
}
access_log /data/nginx/logs/tongxingkeji.log www.tongxingkeji.com;
error_log /data/nginx/logs/tongxingkeji_error.log;
}