Nginx經常使用配置

時間 2019-12-12

標籤 nginx 經常使用配置欄目 Nginx 简体版

原文原文鏈接

https配置html

server {
      listen 443;
      server_name xxxx.aaa.com;
      ssl on;
      # cart.crt和cert.key文件放在nginx.conf同級的cert目錄裏
      ssl_certificate   cert/cert-xxxx.crt;
      ssl_certificate_key  cert/cert-xxxx.key;
      ssl_session_timeout 5m;
      ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_prefer_server_ciphers on;
      location / {
        proxy_pass https://api.aaa.com;
      }
  }
# 強制跳轉https  
server {
      listen 80;
      server_name xxxx.aaa.com;
	  return 301 https://$server_name$request_uri;
      location / {
        proxy_pass https://api.aaa.com;
      }
  }

負責均衡nginx

upstream ws_server {
  server    173.12.20.205:8085 weight=1;
  server    174.14.13.153:8085 weight=1;
}

server {
      listen 443;
      server_name xxx.bbbb.com;
      ssl on;
      #root html;
      #index index.html index.htm;
      ssl_certificate   cert/cert-xxx.crt;
      ssl_certificate_key  cert/cert-xxx.key;
      ssl_session_timeout 5m;
      ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_prefer_server_ciphers on;
      location / {
        proxy_set_header Host $host;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_pass http://ws_server;
      }
  }

根據uri跳轉web

location /websocket {
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_set_header   Host             $host;
  proxy_set_header   X-Real-IP        $remote_addr;
  proxy_set_header   X-Forwarded-For
  proxy_pass http://127.0.0.1:9085;
}

跨域CROS設置api

location / {
  add_header Access-Control-Allow-Origin $http_origin;
  add_header Access-Control-Allow-Credentials true;
  add_header Access-Control-Allow-Headers *; # 手機瀏覽器可能會報錯，改爲'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Referer'
  proxy_pass https://open.sobot.com;
}

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。