nginx 配置文件
日志切割脚本
#!/bin/bash cd /usr/local/nginx/logs mv access.log /usr/local/nginx/logs/$(date +%Y-%m-%d).access.log mv error.log /usr/local/nginx/logs/$(date +%Y-%m-%d).error.log # find /usr/local/nginx/logs/ -type f -mtime +30 -exec rm -rf {} \; # /etc/init.d/nginx reload
主文件
user www www; worker_processes 2; worker_cpu_affinity 01 10; pid logs/nginx.pid; error_log logs/error.log; worker_rlimit_nofile 51200; events { use epoll; worker_connections 51200; } http{ # access_log off; # proxy_ignore_client_abort on; include mime.types; default_type application/octet-stream; # charset utf-8; server_names_hash_bucket_size 128; #sendfile on; #tcp_nopush on; # server_name_in_redirect off; server_tokens off ; keepalive_timeout 200; client_header_buffer_size 4k; client_max_body_size 8m; large_client_header_buffers 4 16k; client_header_timeout 30; client_body_timeout 30; send_timeout 30; connection_pool_size 256; request_pool_size 4k; output_buffers 4 32k; postpone_output 1460; fastcgi_connect_timeout 400; fastcgi_send_timeout 400; fastcgi_read_timeout 300; fastcgi_buffer_size 256k; fastcgi_buffers 32 256k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; fastcgi_temp_path /dev/shm; fastcgi_intercept_errors on; fastcgi_cache_path /cache/php levels=1:2 keys_zone=cache-2:100m inactive=1h; proxy_cache_path /cache/http levels=1:2 keys_zone=cache-1:1000m inactive=24h max_size=10g; # limit_zone website $binary_remote_addr 100m; # error_page 404 /404.html; # error_page 403 500 502 503 504 /500.html; tcp_nodelay on; gzip on; gzip_min_length 1k; gzip_buffers 4 8k; gzip_http_version 1.1; gzip_comp_level 2; #gzip_types text/plain application/x-javascript text/css application/xml; gzip_vary on; gzip_types text/plain application/x-javascript text/css application/xml application/jpg text/javascript\;charset=UTF-8 text/css\;charset=UTF-8; log_format lan_format '$host $remote_addr - $remote_user [$time_local] $request ' '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent"'; server { listen 80; server_name localhost 10.168.110.85; location /nginx_status { stub_status on; # access_log off; } } include vhost/*.conf; server { listen 80 default_server; listen 8000 default_server; server_name _; return 444; } } stream { include proxy/*.conf; }
php+nginx+伪静态
server { error_log logs/qq/error.log; access_log logs/qq/access.log; set_real_ip_from 192.168.0.0/16; set_real_ip_from 10.0.0.0/8; real_ip_header X-Real-IP; listen 8000; server_name www.qq.com; root /data/httpd/www/qq/; index index.php; location / { if (!-e $request_filename) { rewrite ^/(.*)$ /index.php/$1 last; break; } } location ~ ^/shopadmin { rewrite ^/(.*)$ /index.php/$1 last; break; } location ~ .+\.php($|/) { set $script $uri; set $path_info "/"; if ($uri ~ "^(.+\.php)(/.+)") { set $script $1; set $path_info $2; } # fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/dev/shm/php-cgi.sock; include /usr/local/nginx/conf/fastcgi_params; fastcgi_param PATH_INFO $path_info; fastcgi_param SCRIPT_FILENAME $document_root/$script; fastcgi_param SCRIPT_NAME $script; fastcgi_cache cache-2; fastcgi_cache_valid 200 302 30m; fastcgi_cache_valid 301 1h; fastcgi_cache_valid any 1m; fastcgi_cache_min_uses 1; fastcgi_cache_key $request_method://$host$request_uri; fastcgi_cache_use_stale error timeout invalid_header http_500; } location ~ .*\.(log|logs|cvs|xls|pem|dll|zip|rar|tar|gz|key)$ { deny all; } }
反向代理+负载均衡
upstream qqcomadmin { ip_hash; server 10.168.110.85:8000 weight=3 max_fails=3 fail_timeout=30s; } server { access_log logs/qqcom/access.log; error_log logs/qqcom/error.log; server_name www.qq.com; listen 443; listen 80; ssl on; ssl_certificate /usr/local/nginx/conf/vhost/ssl/www.qq.com.pem; ssl_certificate_key /usr/local/nginx/conf/vhost/ssl/www.qq.com.key; location /{ proxy_pass http://qqcom; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_connect_timeout 30; proxy_send_timeout 30; proxy_read_timeout 30; # deny all; } location ~ ^/shopadmin { proxy_pass http://qqcomadmin; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_connect_timeout 30; proxy_send_timeout 30; proxy_read_timeout 30; } location ^~ /touxiang/ { proxy_pass http://qqcom-root.oss-cn-hangzhou-internal.aliyuncs.com/public/images/touxiang/; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|ico)$ { expires 7d; proxy_pass http://qqcom-root.oss-cn-hangzhou-internal.aliyuncs.com; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_connect_timeout 30; proxy_send_timeout 30; proxy_read_timeout 30; proxy_cache cache-1; proxy_cache_key $host$uri$is_args$args; proxy_cache_valid 200 302 6h; proxy_cache_valid 301 1d; proxy_cache_valid 404 1m; proxy_cache_valid any 5m; proxy_temp_file_write_size 64k; proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; } location ~ .*\.(js|css)$ { expires 1d; proxy_pass http://qqcom-root.oss-cn-hangzhou-internal.aliyuncs.com; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_connect_timeout 30; proxy_send_timeout 30; proxy_read_timeout 30; proxy_cache cache-1; proxy_cache_key $host$uri$is_args$args; proxy_cache_valid 200 302 1h; proxy_cache_valid 301 1d; proxy_cache_valid 404 1m; proxy_cache_valid any 5m; proxy_temp_file_write_size 64k; proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; } location ~ .*\.(|log|logs|cvs|xls|pem|dll|zip|rar|tar|gz|key)$ { deny all; } }
反向代理
server { server_name www.qq.cn; listen 80; access_log /usr/local/nginx/logs/qq/access.log; error_log /usr/local/nginx/logs/qq/error.log; location / { proxy_pass http://10.168.138.78; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_connect_timeout 300; proxy_send_timeout 300; proxy_read_timeout 300; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)?$ { expires 10d; proxy_pass http://10.168.138.78; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_connect_timeout 300; proxy_send_timeout 300; proxy_read_timeout 300; proxy_cache cache-1; proxy_cache_key $host$uri$is_args$args; proxy_cache_valid 200 302 6h; proxy_cache_valid 301 1d; proxy_cache_valid 404 1m; proxy_cache_valid any 5m; proxy_temp_file_write_size 64k; proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; } location ~ .*\.(log|logs|cvs|xls|pem|dll|zip|rar|tar|gz|key)$ { deny all; }
php+nginx+ssl+重定向
server { listen 80; server_name mail.qq.net; rewrite ^(.*)$ https://$server_name$1 permanent; root "D:/Winmail/server/webmail/www"; location / { index index.html index.htm index.php; #autoindex on; } location ~ \.php(.*)$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_split_path_info ^((?U).+\.php)(/?.+)$; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; include fastcgi_params; } } server { listen 443 ; server_name mail.qq.net; ssl on; ssl_certificate D:\http\SSL\default\server.crt; ssl_certificate_key D:\http\SSL\default\server.key; root "D:/Winmail/server/webmail/www"; location / { index index.html index.htm index.php; #autoindex on; } location ~ \.php(.*)$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_split_path_info ^((?U).+\.php)(/?.+)$; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; include fastcgi_params; } }
