#user nobody;
worker_processes 8;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
worker_rlimit_nofile 30000;
events {
worker_connections 1024;
use epoll;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
server_tokens off; #關閉版本顯示
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#防止ddos攻擊
client_header_timeout 60;
client_body_timeout 10;
#設置文件上傳最大爲50M
client_max_body_size 50M;
#gzip on;
#軟負載映射節點
upstream balanceServer{
# sticky httponly;
server 127.0.0.1:8001;
server 127.0.0.1:8002;
server 127.0.0.1:8003;
server 127.0.0.1:8004;
}
server {
listen 8443;
server_name localhost;
#ssl config
ssl on;
ssl_certificate /app/nginx.pem;
ssl_certificate_key /app/nginx.key;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:1m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM;
ssl_prefer_server_ciphers on;
#charset koi8-r;
location / {
#負載均衡地址
proxy_pass http://balanceServer$request_uri;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header Connection Close;
port_in_redirect off;
proxy_connect_timeout 60s;
proxy_read_timeout 3h;
proxy_send_timeout 3h;
proxy_buffer_size 4k;
proxy_buffers 6 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
#開啓代理攔截錯誤,屏蔽真實中間件信息
proxy_intercept_errors off;
}
location ~ ^/WEB-INF/ {
deny all;
}
location /res {
alias /app2/res_mng;#圖片映射路徑
index index.html index.htm;
}
#設置健康檢查頁面
location = /healthcheck.html {
root /app/nginx/html;
access_log off; #關閉健康檢查訪問日誌
}
#設置404頁面[/app/nginx/html目錄下的文件]
error_page 404 403 /404.html;
location = /404.html {
root /app/nginx/html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /app/nginx/html;
}
}
}
nginx與https證書集成
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.