nginx.conf文件
#user nobody; worker_processes 1; error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { #正向代理 server { #正向代理的端口 listen 9080; #dns,支持配置多个 resolver 119.29.29.29; #开启插件支持https tunnel #proxy_connect; #proxy_connect_allow 443; #proxy_connect_connect_timeout 10s; #proxy_connect_read_timeout 40s; #proxy_connect_send_timeout 40s; #location / { # proxy_pass http://$host; # proxy_set_header Host $host; # proxy_buffers 256 4k; # proxy_max_temp_file_size 0; #} } #反向代理上游服务器-反向代理tpp-zuul-pre,支持配置多个 upstream srv_tpp-zuul-pre { ip_hash; server 172.168.168.108:80; server 172.168.168.114:80; } #反向代理 server { listen 8080; listen 443 ssl; #ssl on; ssl_certificate 1613208__hcepay.com.pem; ssl_certificate_key 1613208__hcepay.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; server_name 127.0.0.1; location / { proxy_pass http://srv_tpp-zuul-pre; } } upstream srv_fama { ip_hash; server 172.168.168.112:8080; server 172.168.168.119:8080; } server { listen 8081; server_name 127.0.0.1; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For proxy_add_x_forwarded_for; proxy_pass http://srv_fama; } } upstream srv_acc-pre { ip_hash; server 172.168.168.107:8764; server 172.168.168.113:8764; } server { listen 8764; server_name 127.0.0.1; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For proxy_add_x_forwarded_for; proxy_pass http://srv_acc-pre; } } upstream srv_redis { ip_hash; server 172.168.168.119:7000; server 172.168.168.119:7001; server 172.168.168.119:7002; server 172.168.168.119:7003; server 172.168.168.119:7004; server 172.168.168.119:7005; } server { listen 6379; server_name 127.0.0.1; location / { proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For proxy_add_x_forwarded_for; proxy_pass http://srv_redis; } } } #TCP方向代理 tcp { upstream srv_tpp-webgate { ip_hash; server 172.168.168.108:5001; server 172.168.168.114:5001; check interval=3000 rise=2 fall=5 timeout=1000; } server { listen 5001; proxy_pass srv_tpp-webgate; tcp_nodelay on; } }proxy模块的可用配置指令非常多,它们分别用于定义proxy模块工作时的诸多属性,如连接超时时长、代理时使用http协议版本等。下面对常用的指令做一个简单说明。
proxy_connect_timeout nginx将一个请求发送至upstream server之前等待的最大时长;
proxy_cookie_domain 将upstream server通过Set-Cookie首部设定的domain属性修改为指定的值,其值可以为一个字符串、正则表达式的模式或一个引用的变量;
proxy_cookie_path 将upstream server通过Set-Cookie首部设定的path属性修改为指定的值,其值可以为一个字符串、正则表达式的模式或一个引用的变量;
proxy_hide_header 设定发送给客户端的报文中需要隐藏的首部;
proxy_pass 指定将请求代理至upstream server的URL路径;
proxy_set_header 将发送至upsream server的报文的某首部进行重写;
proxy_redirect 重写location并刷新从upstream server收到的报文的首部;
proxy_send_timeout 在连接断开之前两次发送至upstream server的写操作的最大间隔时长;
proxy_read_timeout 在连接断开之前两次从接收upstream server接收读操作的最大间隔时长;
如下面的一个示例:
proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 30; proxy_send_timeout 15; proxy_read_timeout 15;转载于:https://www.cnblogs.com/Dev0ps/p/8134945.html
