1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125
| user root; worker_processes 4;
pid /run/nginx.pid; error_log /var/log/nginx/error.log error;
include /usr/share/nginx/modules/*.conf;
events { worker_connections 65535; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log off;
include /etc/nginx/mime.types; default_type application/octet-stream;
charset utf-8; sendfile on; tcp_nopush on; tcp_nodelay on;
keepalive_timeout 65;
gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.0; gzip_comp_level 2; gzip_types text/plain text/css text/javascript application/json application/javascript application/x-javascript application/xml; gzip_vary on; client_max_body_size 500m; client_body_buffer_size 256k;
upstream pims_api{ ip_hash; server localhost:21021; } map $http_upgrade $connection_upgrade { default upgrade; '' close; } proxy_hide_header X-Frame-Options; server_tokens off;
proxy_cache_path /etc/nginx/cache levels=1:2 keys_zone=mycache:20m max_size=200m inactive=24h use_temp_path=off;
server { listen 8001; server_name localhost; charset utf-8;
root /root/pims_web;
location /admin/ {
add_header Cache-Control no-cache; if ($request_filename ~* ^.*?\.(js|css|gif|jpg|jpeg|png|bmp|swf|png|svg|mp4|ogg|ogv|webm|htc|xml|woff|woff2|ico|pdf)$){ expires 1d; } index index.html; } location /pims/ { proxy_pass http://pims_api/;
proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
charset utf-8; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade;
proxy_cache off; } }
server { listen 80 default; server_name domian1.com domian2.com; rewrite ^(.*)$ https://${server_name}$1 permanent; }
server { listen 443 ssl; server_name domain.com; ssl_certificate /etc/nginx/conf.d/cert/domain.crt; ssl_certificate_key /etc/nginx/conf.d/cert/domain.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on;
location /pims/ { proxy_pass http://pims_api/;
proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
charset utf-8; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; } } }
|