# nginx.conf -- docker-openresty # # This file is installed to: # `/usr/local/openresty/nginx/conf/nginx.conf` # and is the file loaded by nginx at startup, # unless the user specifies otherwise. # # It tracks the upstream OpenResty's `nginx.conf`, but removes the `server` # section and adds this directive: # `include /etc/nginx/conf.d/*.conf;` # # The `docker-openresty` file `nginx.vh.default.conf` is copied to # `/etc/nginx/conf.d/default.conf`. It contains the `server section # of the upstream `nginx.conf`. # # See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files # #user nobody; worker_processes 8; # 添加并发数,与下面的worker_connections一起配置 worker_rlimit_nofile 655350; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 655350; } stream { upstream mysql_server { hash $remote_addr consistent; server 127.0.0.1:3306 weight=1 max_fails=1 fail_timeout=10s; server 127.0.0.1:3307 weight=1 max_fails=1 fail_timeout=10s; } server { listen 3309 so_keepalive=60s::; proxy_pass mysql_server; } } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; # See Move default writable paths to a dedicated directory (#119) # https://github.com/openresty/docker-openresty/issues/119 client_body_temp_path /var/run/openresty/nginx-client-body; proxy_temp_path /var/run/openresty/nginx-proxy; fastcgi_temp_path /var/run/openresty/nginx-fastcgi; uwsgi_temp_path /var/run/openresty/nginx-uwsgi; scgi_temp_path /var/run/openresty/nginx-scgi; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; upstream bsp_backend { server 127.0.0.1:8080 weight=1 max_fails=1 fail_timeout=10s; server 127.0.0.1:8081 weight=1 max_fails=1 fail_timeout=10s; server 127.0.0.1:8082 weight=1 max_fails=1 fail_timeout=10s; # 提高并发连接速度 keepalive 50; } upstream dataviz { server 127.0.0.1:5000 weight=1 max_fails=1 fail_timeout=10s; keepalive 50; } upstream bsp_strive { server 127.0.0.1:8281 weight=1 max_fails=1 fail_timeout=10s; keepalive 50; } server { listen 80; server_name www.xxx.com; location / { rewrite ^(.*)$ https://$host$1 permanent; } } server { listen 80; server_name bsp.xxx.com; location / { rewrite ^(.*)$ https://$host$1 permanent; } } server { listen 443 ssl; server_name bsp.xxx.com; # ssl on; ssl_certificate /opt/ssl/3989015__xxx.com.pem; ssl_certificate_key /opt/ssl/3989015__xxx.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location /complaint { root /usr/local/openresty/nginx/html; index index.html; } location /bsp-web { root /usr/local/openresty/nginx/html; index index.html; } location /bspn-web { root /usr/local/openresty/nginx/html; index index.html; } location /strive-web { root /usr/local/openresty/nginx/html; index index.html; } location /bsp-sys { proxy_pass http://bsp_backend; client_max_body_size 1024M; proxy_connect_timeout 3600s; proxy_send_timeout 3600s; proxy_read_timeout 3600s; proxy_buffer_size 64k; proxy_buffers 32 32k; proxy_busy_buffers_size 128k; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 下载两个配置提高并发数,防止高并发下nginx请求过早关闭。要保持长连接 proxy_http_version 1.1; proxy_set_header Connection ""; } location /dataviz { proxy_pass http://dataviz; client_max_body_size 1024M; proxy_connect_timeout 3600s; proxy_send_timeout 3600s; proxy_read_timeout 3600s; proxy_buffer_size 64k; proxy_buffers 32 32k; proxy_busy_buffers_size 128k; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Connection ""; } location /strive { proxy_pass http://bsp_strive; client_max_body_size 1024M; proxy_connect_timeout 3600s; proxy_send_timeout 3600s; proxy_read_timeout 3600s; proxy_buffer_size 64k; proxy_buffers 32 32k; proxy_busy_buffers_size 128k; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Connection ""; } } server { listen 443 ssl; server_name www.xxx.com; # ssl on; ssl_certificate /opt/ssl/3989015__xxx.com.pem; ssl_certificate_key /opt/ssl/3989015__xxx.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { root /usr/local/openresty/nginx/html; index index.html; } } }