- A+
所属分类:未分类
工具地址:nginx配置在线生成
帮助文档:帮助文档
基础配置如下图:
server配置如下图:
结果如下:
# Generated by xubo it.baiked.com
user nginx;
pid /run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 65535;
events {
multi_accept on;
worker_connections 65535;
}
http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
types_hash_max_size 2048;
client_max_body_size 100M;
# MIME
include mime.types;
default_type application/octet-stream;
# logging
log_format main '{"@timestamp":"$time_iso8601",'
'"host":"$server_addr",'
'"clientip":"$remote_addr",'
'"size":$body_bytes_sent,'
'"responsetime":$request_time,'
'"upstreamtime":"$upstream_response_time",'
'"upstreamhost":"$upstream_addr",'
'"http_host":"$host",'
'"uri":"$uri",'
'"query_string":"$query_string",'
'"request_method":"$request_method",'
'"xff":"$http_x_forwarded_for",'
'"referer":"$http_referer",'
'"agent":"$http_user_agent",'
'"status":"$status"}';
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log warn;
# load configs
include /etc/nginx/conf.d/*.conf;
# upstream
upstream baiked {
server 192.168.0.222:8080;
server 192.168.0.222:8081 backup;
server 192.168.0.222:8082 down;
}
# www.example.com
server {
listen 80;
listen [::]:80;
server_name www.example.com;
set $base /var/www/www.example.com;
root $base/public;
# security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
# logging
access_log /var/log/nginx/www.example.com.access.log main;
error_log /var/log/nginx/www.example.com.error.log warn;
# /a
location ^~ /a {
proxy_pass http://baiked;
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
# /b
location ^~ /b {
proxy_pass http://192.168.0.223:8080;
proxy_set_header HOST $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
# assets
location ~* \.(?:css(\.map)?|js(\.map)?)$ {
expires 7d;
access_log off;
}
# media
location ~* \.(?:jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 7d;
access_log off;
}
# svg
location ~* \.svgz?$ {
add_header Access-Control-Allow-Origin "*";
expires 7d;
access_log off;
}
# fonts
location ~* \.(?:ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
expires 7d;
access_log off;
}
}
}
- 安卓客户端下载
- 微信扫一扫
- 微信公众号
- 微信公众号扫一扫