Nginx: Configuration
user nginx; worker_processes auto; worker_processes 4; worker_cpu_affinity 0001 0010 0100 1000; worker_rlimit_nofile 65536; #error_log logs/error.log; #error_log logs/error.log notice; error_log /var/log/nginx/error.log info; pid /var/run/nginx.pid; events { worker_connections 2048; use epoll; #multi_accept on; } http { include mime.types; include conf.d/*.conf; # Basic default_type application/octet-stream; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 1024; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; # Log log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; # Following root html; # document_root /etc/nginx (default) server { listen 80 default_server; listen [::]:80 default_server; server_name _; # Cross-Domain location ~* /getUser { default_type ''; add_header Content-Type 'application/json; charset=utf-8'; add_header Access-Control-Allow-Origin http://www.rabble.com; add_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE'; return 201 '{"id":1, "name": "radish"}'; } location / { # First attemp to serve request as file, then as directory, then fall back to 404 try_files $uri $uri/ =404; } } # Rewrite Whole Site server { listen 80; server_name www.rabble.com; location / { root html; } } server { listen 80; server_name www.raffia.com www.rafter.com; rewrite ^(.*)$ http://www.rabble.com$1 permanent; } # Rewrite Subdomain (302) server { listen 80; server_name item.rabble.com; rewrite (.*) http://www.rabble.com/item$1 last; } server { listen 80; server_name cart.rabble.com; rewrite (.*) http://www.rabble.com/cart$1 last; } # Append / To Directory server { listen 80; server_name _; server_name_in_redirect on; # 以 server_name 替换 host location /cart { if (-d $request_filename) { rewrite ^(.*)([^/])$ $scheme://$http_host$1$2/ permanent; # 确保最后一个不是 / ,才跳转,否则无限跳转 } } } # SEO (Search Engine Optimization) 压缩目录层级 server { listen 80; server_name _; location / { root html; } location /rake { # 地址栏显示rewrite前uri => http://www.rabble.com/rake-11-22-33-44.html rewrite ^/rake-(\d+)-([0-9]+)+(\d+)+([0-9]+)\.html$ /rake/$1/$2/$3/$4.html last; # /rake/11/22/33/44.html /rake-11-22-33-44.html?v=vv&b=bb return 202 '$uri $request_uri'; # Accepted } } # Break server { listen 80; server_name www.rabble.com; set $username rambler; location / { } location ^~ /break { if ($args != '') { set $username rambling; break; # 终止本location, add_header生效, return(default前)不生效 set $username ramify; } add_header username $username always; return 200 $username; } } server { listen 80; server_name localhost; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; location / { root /usr/share/nginx/html; index index.html index.htm; } #error_page 404 /404.html; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} } ##### rewrite ##### # access http://www.aeon.io/name/adorn?sex=male location ~* ^/name/ { rewrite /name/([^/]+) /auth?name=$1 break; proxy_pass http://ram3; # 后端 uri request_uri == /auth /auth?name=adorn&sex=male # proxy_pass http://ram3/; # WRONG "proxy_pass" cannot have URI part in location given by regular expression, or inside named location, or inside "if" statement, or inside "limit_except" block 正则匹配的location中, proxy_pass不能带URI } location ^~ /name/ { rewrite /name/([^/]+) /auth?name=$1 break; proxy_pass http://ram3/login; # 后端 uri request_uri == /auth /auth?name=adorn&sex=male, rewrite后proxy_pass的URI无效 } ##### geoip ##### location /google { if ( $geoip_contry_code ~ (RU|CN) ){ proxy_pass http://www.google.hk; } } ##### gzip.conf ##### # http block include /etc/nginx/conf.d/*.conf gzip on; gzip_comp_level 6; gzip_min_length 1024; gzip_http_version 1.1; gzip_vary on; gzip_proxied off; gzip_static on; gzip_types text/css text/plain text/xml text/javascript application/json application/javascript application/x-javascript application/xml application/xml+rss; ./configure \ --user=nginx \ --group=nginx \ --build=build_name \ --prefix=/usr/local/nginx \ --sbin-path=/usr/local/nginx/sbin/nginx \ --conf-path=/usr/local/nginx/conf/nginx.conf \ --error-log-path=/usr/local/nginx/logs/error.log \ --http-log-path=/usr/local/nginx/logs/access.log \ --pid-path=/usr/local/nginx/logs/nginx.pid \ --lock-path=/usr/local/nginx/logs/nginx.lock \ --modules-path=/usr/local/nginx/modules \ --http-client-body-temp-path=/var/cache/nginx/client_temp \ --http-proxy-temp-path=/var/cache/nginx/proxy_temp \ --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \ --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \ --http-scgi-temp-path=/var/cache/nginx/scgi_temp \ --with-compat \ --with-file-aio \ --with-threads \ --with-pcre-jit \ --with-http_addition_module \ --with-http_auth_request_module \ --with-http_dav_module \ --with-http_flv_module \ --with-http_mp4_module \ --with-http_gunzip_module \ --with-http_gzip_static_module \ --with-http_image_filter_module=dynamic \ --with-http_random_index_module \ --with-http_realip_module \ --with-http_secure_link_module \ --with-http_slice_module \ --with-http_ssl_module \ --with-http_stub_status_module \ --with-http_sub_module \ --with-http_v2_module \ --with-http_xslt_module=dynamic \ --with-http_geoip_module=dynamic \ --with-mail \ --with-mail_ssl_module \ --with-stream \ --with-stream_realip_module \ --with-stream_ssl_module \ --with-stream_ssl_preread_module \ --with-debug \ --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie' \ --add-dynamic-module=/root/headers-more-nginx-module-0.33 \ --add-dynamic-module=/root/nginx_cookie_flag_module-1.1.0 \ --add-dynamic-module=/root/njs-0.6.2/nginx --add-dynamic-module=/usr/local/src/nginx/module/fair \ --with-ld-opt='-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-E' \ ##### proxy_cache ##### proxy_cache_path /var/cache/nginx/proxy levels=2:2:2 keys_zone=bugaboo:200m inactive:1d max_size=20g; # levels 指定缓存空间三层目录, 200m指内存缓存空间, max_size硬盘缓存空间 proxy_cache bugaboo; proxy_cache_key $scheme$proxy_host$request_uri$is_args$args; proxy_cache_valid 200 301 302 10m; # 200 301 302 10 minutes proxy_cache_valid 404 1m; # 404 1minute proxy_cache_valid any 1m; proxy_cache_min_uses 2; proxy_cache_methods GET HEAD; # default GET HEAD add_header nginx-cache "$upstream_cache_status"; # 添加返回头, nginx-cache: HIT proxy_no_cache $cookie_nocache $arg_nocache $arg_comment; proxy_cache_bypass $cookie_nocache $arg_nocache $arg_comment; ##### Layer Four Load Balancing ##### server { listen [::1]:222; proxy_pass unix:/tmp/stream.sock; } ##### Layer Seven Load Balancing ##### upstream backend { server ram2:9001 weight=30; server ram2:9002 weight=20; server ram2:9003 weight=10; } server { listen 8080; server_name localhost; location / { proxy_pass http://backend; } } upstream video { server ram2:9001; server ram2:9002; } upstream audio { server ram2:9002; server ram2:9003; } server { listen 80 default_server ssl; server_name _; location /video/ { proxy_pass http://video; } location /audio/ { proxy_pass http://audio; } } # Method ( PUT | DELETE) location /adorn { limit_except PUT DELETE { # 匹配到请求方法为PUT, DELETE proxy_pass http://localhost:9000; } } ##### nginx technique ##### 清空Content-type default_type ''; # 清空原default_type application/octet-stream; 生成的 Content-Type: application/octet-stream add-header Content-Type 'charset=utf-8, text/plain'; dictate: http { location / { listen 443 ssl http2 default_server; } }
日志Rotate:
分类:
Nginx-Keepalived
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理
· 单元测试从入门到精通
· 上周热点回顾(3.3-3.9)
· winform 绘制太阳,地球,月球 运作规律