#user nobody;
Worker_processes 1;
Error_log Logs/error.log;
#error_log Logs/error.log Notice;
#error_log Logs/error.log Info;
#pid Logs/nginx.pid;
Worker_rlimit_nofile 204800;
Events {
Worker_connections 204800;
Multi_accept on;
Use Epoll;
}
HTTP {
Include Mime.types;
Default_type Application/octet-stream;
Log_format test166 ' $remote _addr-$remote _user [$time _local] "$request" '
' $status $body _bytes_sent ' $http _referer '
' "$http _user_agent" "$http _x_forwarded_for" '
' [$request _time] "" [$upstream _response_time] "'
"[$connection]" "[$connection _requests]" '
"$http _imei" "$http _mobile" "$http _type" "$http _key" "$cookie _sfpay_jsessionid";
Access_log Logs/access.log test166;
Sendfile on;
#tcp_nopush on;
Underscores_in_headers on;
Keepalive_timeout 65;
Proxy_connect_timeout 10s;
Proxy_read_timeout 120;
Proxy_send_timeout 60;
Proxy_buffer_size 16k;
Proxy_buffers 4 64k;
Proxy_busy_buffers_size 128k;
Proxy_temp_file_write_size 128k;
Proxy_temp_path/home/temp_dir;
Proxy_cache_path/home/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g;
Client_header_buffer_size 12k;
Open_file_cache max=204800 inactive=65s;
Open_file_cache_valid 30s;
Open_file_cache_min_uses 1;
Fastcgi_intercept_errors on;
gzip on;
Gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image /jpeg image/gif image/png image/jpg;
Upstream Ims-oms {
Server 10.118.240.31:8001;
}
Upstream Up_cms {
Server 10.118.242.206:8080;
#server 10.118.244.163:8080;
}
Upstream Up_adms {
Server 10.118.242.206:8082;
#server 10.118.200.19:8080;
}
Upstream UP_PSFM {
Server 10.118.242.206:8081;
}
# HTTP Server
#
server {
Listen 8080;
server_name 10.118.213.96;
Location/nginx_status {
stub_status on;
Access_log off;
}
Location/cms {
Proxy_pass http://10.118.244.163:8080/cms;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header Host $host: 8080;
Index login.jsp;
#proxy_redirect default;
Proxy_cache off;
}
Location/adms {
Proxy_pass http://up_adms/Adms;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header Host $host;
#proxy_redirect Https://10.118.213.96:8443/Adms/adms;
Proxy_cache off;
Add_header ' access-control-allow-origin ' * ';
Add_header ' access-control-allow-credentials ' true ';
Add_header ' access-control-allow-methods ' OPTION, POST, GET ';
}
# REDIRECT Server error pages to the static page/50x.html
#
Error_page 403 404 502 503 504/40x.html;
Location =/40x.html {
#proxy_pass https://127.0.0.1:8080/notice.png;
root HTML;
}
# REDIRECT Server error pages to the static page/40x.html
#
Location ~*\. (GIF|JPG|JPEG|ICO|GIF|PNG|BMP|JS|CSS) $ {
Root images;
}
Location =/favicon.ico {
Log_not_found off;
Access_log off;
}
}
#HTTPS SERVER
#
server {
Listen 8443;
server_name 10.118.213.96;
Sslon;
Ssl_certificate Server.key;
Ssl_certificate_key Server.pem;
Ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
Ssl_ciphers
Aes128-sha:aes256-sha:rc4-sha:des-cbc3-sha:rc4-md5;
Ssl_prefer_server_ciphers on;
Rewrite '/(login)/(. *) '/cms/$1/$2;
#rewrite '/adms/(. js|css) ' https://xbox.sf-pay.com/adms/$1;
Location/cms {
Proxy_pass http://up_cms/cms;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}
location/psfm{
Proxy_pass http://up_psfm/psfm;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_ redirect default;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}
Location/{
Proxy_pass http://up_cms/cms/login.jsp;
Rewrite '/(. *)/(. *) '/cms/$1/$2;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
}
Location/autodeploy {
Proxy_pass http://up_cms/AutoDeploy;
#proxy_pass http:// 10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}
#location/bugzilla {
#proxy_pass http://up_cms/Bugzilla;
# proxy_set_header Host $host;
# proxy_set_ Header X-real-ip $remote _addr;
# Proxy_set_header X-forwarded-proto https;
#}
Location/adms {
Proxy_pass http://up_adms/Adms;
#proxy_pass http://10.118.242.206:8082/Adms/;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header Host $host;
#proxy_redirect Https://10.118.213.96:8443/Adms/adms;
Proxy_cache off;
Add_header ' access-control-allow-origin ' * ';
Add_header ' access-control-allow-credentials ' true ';
Add_header ' access-control-allow-methods ' OPTION, POST, GET ';
}
Error_page 403 404 502 503 504/40x.html;
location =/40x.html {
#proxy_pass https://127.0.0 .1:8443/notice.png;
Root html;
}
Location ~*\. ( Gif|jpg|jpeg|ico|gif|png|bmp) $ {
root images;
}
location =/favicon.ico {
Log_not_found off;
Access_log off;
}
}
}
----------------------------------------------
#user nobody;
Worker_processes 1;
Error_log Logs/error.log;
#error_log Logs/error.log Notice;
#error_log Logs/error.log Info;
#pid Logs/nginx.pid;
Worker_rlimit_nofile 204800;
Events {
Worker_connections 204800;
Multi_accept on;
Use Epoll;
}
HTTP {
Include Mime.types;
Default_type Application/octet-stream;
Log_format test166 ' $remote _addr-$remote _user [$time _local] "$request" '
' $status $body _bytes_sent ' $http _referer '
' "$http _user_agent" "$http _x_forwarded_for" '
' [$request _time] "" [$upstream _response_time] "'
"[$connection]" "[$connection _requests]" '
"$http _imei" "$http _mobile" "$http _type" "$http _key" "$cookie _sfpay_jsessionid";
Access_log Logs/access.log test166;
Sendfile on;
#tcp_nopush on;
Underscores_in_headers on;
Keepalive_timeout 65;
Proxy_connect_timeout 10s;
Proxy_read_timeout 120;
Proxy_send_timeout 60;
Proxy_buffer_size 16k;
Proxy_buffers 4 64k;
Proxy_busy_buffers_size 128k;
Proxy_temp_file_write_size 128k;
Proxy_temp_path/home/temp_dir;
Proxy_cache_path/home/cache levels=1:2 keys_zone=cache_one:200m inactive=1d max_size=30g;
Client_header_buffer_size 12k;
Open_file_cache max=204800 inactive=65s;
Open_file_cache_valid 30s;
Open_file_cache_min_uses 1;
Fastcgi_intercept_errors on;
gzip on;
Gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image /jpeg image/gif image/png image/jpg;
Upstream Ims-oms {
Server 10.118.240.31:8001;
}
Upstream Up_cms {
Server 10.118.242.206:8080;
#server 10.118.244.163:8080;
}
Upstream Up_adms {
Server 10.118.242.206:8082;
#server 10.118.200.19:8080;
}
Upstream UP_PSFM {
Server 10.118.242.206:8081;
}
Upstream Up_syassistant {
Server 10.118.242.206:8088;
}
# HTTP Server
#
server {
Listen 8080;
server_name 10.118.213.96;
Location/nginx_status {
Stub_status on;
Access_log off;
}
Location/cms {
Proxy_pass Http://up_cms/cms;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header Host $host;
Index login.jsp;
#proxy_redirect default;
Proxy_cache off;
}
LOCATION/PSFM {
Proxy_pass HTTP://UP_PSFM/PSFM;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
#proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
Proxy_cache off;
}
location/syassistant {
Proxy_pass http://up_syAssistant/syAssistant;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
#proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
Proxy_cache off;
}
# REDIRECT Server error pages to the static page/50x.html
#
Error_page 403 404 502 503 504/40x.html;
Location =/40x.html {
#proxy_pass https://127.0.0.1:8080/notice.png;
root HTML;
}
# REDIRECT Server error pages to the static page/40x.html
#
Location ~*\. (GIF|JPG|JPEG|ICO|GIF|PNG|BMP|JS|CSS) $ {
Root images;
}
Location =/favicon.ico {
Log_not_found off;
Access_log off;
}
}
#HTTPS SERVER
#
server {
Listen 8443;
server_name 10.118.213.96;
Sslon;
Ssl_certificate Server.key;
Ssl_certificate_key Server.pem;
Ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
Ssl_ciphers
AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
Ssl_prefer_server_ciphers on;
#rewrite '/(login)/(. *) '/cms/$1/$2;
#rewrite '/adms/(. js|css) ' https://xbox.sf-pay.com/adms/$1;
Location/cms {
Proxy_pass Http://up_cms/cms;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_redirect default;
Proxy_set_header Host $host;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}
LOCATION/PSFM {
Proxy_pass http://up_psfm/psfm;
#proxy_pass http://10.118.244.163:8080/cms/;
#proxy_ redirect default;
Proxy_set_header Host $host;
Proxy_set_header x-real-ip $remote _addr;
Proxy_set_header X-forwarded-proto HTTPS;
Server_name_in_redirect on;
}
#location/{
# Proxy_pass http://up_cms/cms/login.jsp;
#rewrite '/(. *)/(. *) '/cms/$1/$2;
# Proxy_set_header Host $host;
# Proxy_set_header X-real-ip $remote _addr;
# Proxy_set_header X-forwarded-proto https;
#}
# location/autodeploy {
# proxy_pass Http://up_cms/AutoDeploy;
#proxy_pass http:// 10.118.244.163:8080/cms/;
#proxy_redirect default;
# Proxy_set_header Host $host;
# Proxy_set_header X-real-ip $remote _addr;
# Proxy_set_header X-forwarded-proto https;
# server_name_in_redirect on;
#}
#location/bugzilla {
#proxy_pass http://up_cms/Bugzilla;
# proxy_set_header Host $host;
# proxy_set_ Header X-real-ip $remote _addr;
# Proxy_set_header X-forwarded-proto https;
#}
#location/adms {
# proxy_pass Http://up_adms/Adms;
# #proxy_pass http://10.118.242.206:8082/Adms/;
# Proxy_set_header X-real-ip $remote _addr;
# Proxy_set_header Host $host;
# #proxy_redirect Https://10.118.213.96:8443/Adms/adms;
# Proxy_cache off;
#add_header ' access-control-allow-origin ' *;
#add_header ' access-control-allow-credentials ' true ';
# add_header ' access-control-allow-methods ' OPTION, POST, GET ';
#}
Error_page 403 404 502 503 504/40x.html;
location =/40x.html {
#proxy_pass https://127.0.0.1:844 3/notice.png;
Root html;
}
Location ~*\. ( Gif|jpg|jpeg|ico|gif|png|bmp) $ {
root images;
}
location =/favicon.ico {
Log_not_found off;
Access_log off;
}
}
}
----------------------------configuration with Nginx Directory Access
[Email protected] conf]$ more nginx.conf
#user nobody;
Worker_processes 1;
#error_log Logs/error.log;
#error_log Logs/error.log Notice;
#error_log Logs/error.log Info;
#pid Logs/nginx.pid;
Events {
Worker_connections 1024;
}
HTTP {
Include Mime.types;
Default_type Application/octet-stream;
Log_format Main ' $remote _addr-$remote _user [$time _local] "$request" '
' $status $body _bytes_sent ' $http _referer '
' "$http _user_agent" "$http _x_forwarded_for";
Access_log Logs/access.log Main;
Sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
Keepalive_timeout 65;
#gzip on;
server {
Listen 8443;
server_name localhost;
#root/home/nginx/nginx-home/android/sit;
root/home/nginx/nginx-home/download/;
AutoIndex on;
Autoindex_exact_size on;
Autoindex_localtime on;
Location ~ ^/nginxstatus/{
Stub_status on;
Access_log off;
}
}
server {
Listen 8088;
server_name localhost;
#charset Koi8-r;
CharSet Utf-8;
Access_log Logs/host.access.log Main;
autoindex on;
Autoindex_exact_size on;
Autoindex_localtime on;
Location ~ ^/nginxstatus/{
Stub_status on;
Access_log off;
}
Location/{
#root html;
Root/home/nginx/nginx-home/download;
Index index.html index.htm;
}
#error_page 404/404.html;
# REDIRECT Server error pages to the static page/50x.html
#
Error_page 502 503 504/50x.html;
Location =/50x.html {
root HTML;
}
# Proxy The PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# Proxy_pass http://127.0.0.1;
#}
# Pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root HTML;
# Fastcgi_pass 127.0.0.1:9000;
# Fastcgi_index index.php;
# Fastcgi_param Script_filename/scripts$fastcgi_script_name;
# include Fastcgi_params;
#}
# Deny access to. htaccess files, if Apache ' s document Root
# concurs with Nginx ' s one
#
#location ~/\.ht {
# Deny All;
#}
}
# Another virtual host using mix of ip-, name-, and port-based configuration
#
#server {
# Listen 8000;
# Listen somename:8080;
# server_name somename alias Another.alias;
# location/{
# root HTML;
# index index.html index.htm;
# }
#}
# HTTPS Server
#
#server {
# Listen 443 SSL;
# server_name localhost;
# ssl_certificate Cert.pem;
# Ssl_certificate_key Cert.key;
# Ssl_session_cache shared:ssl:1m;
# ssl_session_timeout 5m;
# ssl_ciphers high:!anull:! MD5;
# ssl_prefer_server_ciphers on;
# location/{
# root HTML;
# index index.html index.htm;
# }
#}
}
Nginx Configuration-http and HTTPS