default.conf配置
外部訪問支持http和https,可是nginx內部統一把請求轉換成https轉發出去javascript
server {
listen 80;
server_name sunfj.cn;
## root www/mimvp_proxy;
rewrite ^(.*)host$1 permanent;##強制http轉https請求
}
server {
listen 443 ssl http2;
server_name xxx.cn;
## root www/mimvp_proxy;
ssl on;
ssl_certificate /etc/ssl/certs/xxx.crt;
ssl_certificate_key /etc/ssl/certs/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass /*proxy address*/;
}
location ~ .do$ {
proxy_pass /*proxy address*/;
}
location ~* ^/(images|img|javascript|js|css|blog|flash|media|static)/ {
proxy_pass /*proxy address*/;
}
location ~* ^/favicon\.ico {
proxy_pass /*proxy address*/;
}
location ~* ^/img/logo\.png {
proxy_pass /*proxy address*/;
}
location ~ /\.ht {
deny all;
}
}
nginx.conf配置
- 轉發請求對應的header參數:underscores_in_headers on;
- 超時時間配置(全局):
fastcgi_connect_timeout 300; fastcgi_send_timeout 300; fastcgi_read_timeout 300; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; fastcgi_temp_file_write_size 128k;
docker操做
- 啓動Nginx命令:
docker run --name some-nginx -v /some/content:/usr/share/nginx/html:ro -d nginx
- 反向代理啓動命令:
docker run --name nginx -p 80:80 -p 443:443 -v /home/data/nginx/nginx.conf:/etc/nginx/nginx.conf -v /home/data/nginx/conf.d:/etc/nginx/conf.d -v /etc/ssl/certs:/etc/ssl/certs -d nginx