记一次nginx生产环境配置,以备后用
原创
创建时间:2020-09-09
访问量:115
赞:0
踩:0
# nginx.conf -- docker-openresty
#
# This file is installed to:
# `/usr/local/openresty/nginx/conf/nginx.conf`
# and is the file loaded by nginx at startup,
# unless the user specifies otherwise.
#
# It tracks the upstream OpenResty's `nginx.conf`, but removes the `server`
# section and adds this directive:
# `include /etc/nginx/conf.d/*.conf;`
#
# The `docker-openresty` file `nginx.vh.default.conf` is copied to
# `/etc/nginx/conf.d/default.conf`. It contains the `server section
# of the upstream `nginx.conf`.
#
# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files
#
#user nobody;
worker_processes 8;
# 添加并发数,与下面的worker_connections一起配置
worker_rlimit_nofile 655350;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 655350;
}
stream {
upstream mysql_server {
hash $remote_addr consistent;
server 127.0.0.1:3306 weight=1 max_fails=1 fail_timeout=10s;
server 127.0.0.1:3307 weight=1 max_fails=1 fail_timeout=10s;
}
server {
listen 3309 so_keepalive=60s::;
proxy_pass mysql_server;
}
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
# See Move default writable paths to a dedicated directory (#119)
# https://github.com/openresty/docker-openresty/issues/119
client_body_temp_path /var/run/openresty/nginx-client-body;
proxy_temp_path /var/run/openresty/nginx-proxy;
fastcgi_temp_path /var/run/openresty/nginx-fastcgi;
uwsgi_temp_path /var/run/openresty/nginx-uwsgi;
scgi_temp_path /var/run/openresty/nginx-scgi;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream bsp_backend {
server 127.0.0.1:8080 weight=1 max_fails=1 fail_timeout=10s;
server 127.0.0.1:8081 weight=1 max_fails=1 fail_timeout=10s;
server 127.0.0.1:8082 weight=1 max_fails=1 fail_timeout=10s;
# 提高并发连接速度
keepalive 50;
}
upstream dataviz {
server 127.0.0.1:5000 weight=1 max_fails=1 fail_timeout=10s;
keepalive 50;
}
upstream bsp_strive {
server 127.0.0.1:8281 weight=1 max_fails=1 fail_timeout=10s;
keepalive 50;
}
server {
listen 80;
server_name www.xxx.com;
location / {
rewrite ^(.*)$ https://$host$1 permanent;
}
}
server {
listen 80;
server_name bsp.xxx.com;
location / {
rewrite ^(.*)$ https://$host$1 permanent;
}
}
server {
listen 443 ssl;
server_name bsp.xxx.com;
# ssl on;
ssl_certificate /opt/ssl/3989015__xxx.com.pem;
ssl_certificate_key /opt/ssl/3989015__xxx.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /complaint {
root /usr/local/openresty/nginx/html;
index index.html;
}
location /bsp-web {
root /usr/local/openresty/nginx/html;
index index.html;
}
location /bspn-web {
root /usr/local/openresty/nginx/html;
index index.html;
}
location /strive-web {
root /usr/local/openresty/nginx/html;
index index.html;
}
location /bsp-sys {
proxy_pass http://bsp_backend;
client_max_body_size 1024M;
proxy_connect_timeout 3600s;
proxy_send_timeout 3600s;
proxy_read_timeout 3600s;
proxy_buffer_size 64k;
proxy_buffers 32 32k;
proxy_busy_buffers_size 128k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# 下载两个配置提高并发数,防止高并发下nginx请求过早关闭。要保持长连接
proxy_http_version 1.1;
proxy_set_header Connection "";
}
location /dataviz {
proxy_pass http://dataviz;
client_max_body_size 1024M;
proxy_connect_timeout 3600s;
proxy_send_timeout 3600s;
proxy_read_timeout 3600s;
proxy_buffer_size 64k;
proxy_buffers 32 32k;
proxy_busy_buffers_size 128k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
location /strive {
proxy_pass http://bsp_strive;
client_max_body_size 1024M;
proxy_connect_timeout 3600s;
proxy_send_timeout 3600s;
proxy_read_timeout 3600s;
proxy_buffer_size 64k;
proxy_buffers 32 32k;
proxy_busy_buffers_size 128k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
server {
listen 443 ssl;
server_name www.xxx.com;
# ssl on;
ssl_certificate /opt/ssl/3989015__xxx.com.pem;
ssl_certificate_key /opt/ssl/3989015__xxx.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /usr/local/openresty/nginx/html;
index index.html;
}
}
}
更多关于nginx配置文件请访问:
相关资源列表:
更多资源请访问:
评论
我想说:
==已经到底了==
关注: 粉丝: 积分:
博客阅读排行
post请求错误net::ERR_CONNECTION_RESET解决
发现自已傻X了,JetBrains官网打不开,找了很久,原来是这样
mybatis-plus 通过QueryWrapper使用注解@Select自定义left join等复杂SQL用于分页
element-ui container 布局中的el-main主要内容区域高度自适应,内容超出自动出现滚动条
linux环境下rabbitmqctl status报错 Error: unable to perform an operation on node 'rabbit@c1'.的最新解决方案
The bean 'studentRepository', defined in null, could not be registered. A bean with that name has already been defined in file
RabbitMQ安装报错 erlang >= 19.3 is needed by rabbitmq-server-3.7.9-1.el7.noarch
springboot+thymeleaf+nginx实现动态页面静态化方案
安装vue-devtooles调试工具简解
项目出现警告:未知的枚举常量 javax.annotation.meta.When.MAYBE
支付宝收钱码