apache的alias规则转换成nginx配置的示例

apache的alias规则转换成nginx配置的示例


# apache主配置文件
<VirtualHost *:80>
    ServerAdmin webmaster@example.com
    DocumentRoot "/data/www/vhosts/chinasoft.com/httpdocs/"
    ServerName chinasoft.com
    ServerAlias www.chinasoft.com chinasoft.com
    errorDocument 404 /404.html
    ErrorLog "/var/log/error_log"
    CustomLog "/var/log/access_log" combined
    #HTTP_TO_HTTPS_START
    <IfModule mod_rewrite.c>
        RewriteEngine on

        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule (.*) https://www.chinasoft.com$1 [L,R=301]
    </IfModule>
    #HTTP_TO_HTTPS_END
    
    #DENY FILES
    <Files ~ (\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)$>
       Order allow,deny
       Deny from all
    </Files>
    
    #PHP
    #<FilesMatch \.php$>
    #        SetHandler "proxy:unix:/tmp/php-cgi-73.sock|fcgi://localhost"
    #</FilesMatch>
    
    #PATH
    <Directory "/data/www/vhosts/chinasoft.com/httpdocs/">
        SetOutputFilter DEFLATE
        Options FollowSymLinks
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm default.php default.html default.htm
    </Directory>
    
    <IfModule alias_module>
        Alias /server/ /data/www/vhosts/chinasoft.com/httpdocs/maxserver/
    </IfModule>
</VirtualHost>
<VirtualHost *:443>
    ServerAdmin webmasterexample.com
    DocumentRoot "/data/www/vhosts/chinasoft.com/httpdocs/"
    ServerName chinasoft.com
    ServerAlias www.chinasoft.com chinasoft.com
    errorDocument 404 /404.html
    ErrorLog "/var/log/error_log"
    CustomLog "/var/log/access_log" combined
    
    #SSL
    SSLEngine On
    SSLCertificateFile /etc/0924pem/chinasoft.com/full.crt
    SSLCertificateKeyFile /etc/0924pem/chinasoft.com/key.crt
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    SSLProtocol All -SSLv2 -SSLv3
    SSLHonorCipherOrder On
    
    #PHP
    #<FilesMatch \.php$>
    #        SetHandler "proxy:unix:/tmp/php-cgi-73.sock|fcgi://localhost"
    #</FilesMatch>
    
    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{HTTP_HOST} ^chinasoft.com$ [NC]
        RewriteRule (.*) https://www.%{SERVER_NAME}$1 [L,R=301]
    </IfModule>
    
    #DENY FILES
     <Files ~ (\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)$>
       Order allow,deny
       Deny from all
    </Files>

    #PATH
    <Directory "/data/www/vhosts/chinasoft.com/httpdocs/">
        SetOutputFilter DEFLATE
        Options FollowSymLinks Indexes
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm default.php default.html default.htm
    </Directory>
    
    <IfModule alias_module>
        Alias /server/ /data/www/vhosts/chinasoft.com/httpdocs/maxserver/
    </IfModule>
</VirtualHost>


# 目录下的apache配置

~ # more /data/www/vhosts/www.chinasoft.com/httpdocs/maxserver/public/.htaccess
<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On
    RewriteBase /server/public

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

转换成nginx的配置

# nginx 配置

~# cat /usr/local//nginx/conf/vhost.d/www.chinasoft.com.conf
upstream node_servers{
        ip_hash;
        server 172.31.18.105:2233 max_fails=2 fail_timeout=30s weight=1;
        server 172.31.17.40:2233 max_fails=2 fail_timeout=30s weight=1;

        check interval=3000 rise=2 fall=5 timeout=1000 type=tcp port=2233;
        check_keepalive_requests 100;
}


server {
        listen 80;
        server_name     chinasoft.com www.chinasoft.com ori-www.chinasoft.com;
        access_log on;
        access_log      /data/www/logs/nginx_log/access/www.chinasoft.com_access.log main ;
        error_log       /data/www/logs/nginx_log/error/www.chinasoft.com_error.log ;
        root            /data/www/vhosts/www.chinasoft.com/httpdocs;
        index           index.html index.shtml index.php ;
        include        rewrite.d/www.chinasoft.com.conf ;

        if ($http_user_agent ~ Ezooms) {
            return 403;
        }

        location ~ ^.*\.(htaccess|htpasswd|ini|sh)$ {
            deny all;
        }

        rewrite ^/(.*)$ https://www.chinasoft.com/$1 permanent;

}

server {
        listen 443 ssl;

        ssl_certificate         cert2016/chinasoft_com.crt;
        ssl_certificate_key     cert2016/chinasoft_com.key;
        ssl_dhparam     cert2016/dh_2048.pem;

        ssl_session_timeout     5m;
        ssl_protocols   TLSv1.1 TLSv1.2;


        ssl_ciphers     "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA25
6:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:AES:!C
AMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3
-SHA:!KRB5-DES-CBC3-SHA";


        ssl_prefer_server_ciphers       on;

        server_name     chinasoft.com www.chinasoft.com ori-www.chinasoft.com;
    access_log on;
        access_log      /data/www/logs/nginx_log/access/www.chinasoft.com_access.log main ;
        error_log       /data/www/logs/nginx_log/error/www.chinasoft.com_error.log ;

        root            /data/www/vhosts/www.chinasoft.com/httpdocs;
        index           index.html index.shtml index.php ;
        include         rewrite.d/www.chinasoft.com.conf ;
        error_page  404 403              /404.html;

        if ($http_user_agent ~ Ezooms) {
        return 403;
    }

    location ~ ^.*\.(htaccess|htpasswd|ini|sh)$ {
        deny all;
    }

    location /templates/ {
            # proxy_pass http://127.0.0.1:2233;
            proxy_pass http://node_servers;
        }


    location ^~ /online/ {
        try_files $uri $uri/ /online/home.html;
        index home.html index.html;
    }

    location ~* ^/server/(.+)$ {
        alias /data/www/vhosts/www.chinasoft.com/httpdocs/maxserver/;
        index index.php index.html;
        try_files $1 $1/ /server/public/index.php?$query_string;
        #try_files $uri $uri/ /server/public/index.php?$query_string;
        location ~* ^/server/(.+)\.php$ {
            add_header Cache-Control no-store;
            fastcgi_pass   unix:/tmp/php5.6-fpm.sock;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$1.php;
            include        fastcgi_params;
        }
    }


    location ~ \.php$ {
        fastcgi_pass   unix:/tmp/php5.6-fpm.sock;
        #fastcgi_pass   unix:/tmp/php-cgi.sock;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
}

反向代理配置规则

# cat api.chinasoft.com.conf 
upstream apiapi_servers {
        ip_hash;
        server 172.30.0.111:8888 max_fails=2 fail_timeout=30s weight=1;
        server 172.30.0.112:8888 max_fails=2 fail_timeout=30s weight=1;

        check interval=3000 rise=2 fall=5 timeout=1000 type=tcp port=8888;
        check_keepalive_requests 100;
}

server {
        listen 80;
        server_name     api.chinasoft.com 1.1.1.1;

        access_log      /data/www/logs/nginx_log/access/api.chinasoft.com_access.log main ;
        error_log       /data/www/logs/nginx_log/error/api.chinasoft.com_error.log ;
        root            /data/www/html;
        index           index.html index.shtml index.php ;
        error_page  404 403             /404.html;

        if ($http_user_agent ~ Ezooms) {
                return 403;
        }

        location ~ ^.*\.(htaccess|htpasswd|ini|sh)$ {
                deny all;
        }

        rewrite ^/(.*)$ https://api.chinasoft.com/$1 permanent;
}

server {
        listen 443 ssl;
        server_name     api.chinasoft.com 1.1.1.1;

        access_log      /data/www/logs/nginx_log/access/api.chinasoft.com_access.log main ;
        error_log       /data/www/logs/nginx_log/error/api.chinasoft.com_error.log ;
        root            /data/www/html;
        index           index.html index.shtml index.php ;
        error_page  404 403              /404.html;


        ssl_certificate         cert2016/chinasoft_com.crt;
        ssl_certificate_key     cert2016/chinasoft_com.key;
        ssl_dhparam             cert2016/dh_2048.pem;

        ssl_session_timeout     15m;
        ssl_protocols  TLSv1.1 TLSv1.2;

        ssl_ciphers     "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";

        if ($http_user_agent ~ Ezooms) {
                return 403;
        }

        location ~ ^.*\.(htaccess|htpasswd|ini|sh)$ {
                deny all;
        }

        location /logout {
                proxy_pass http://apiapi_servers;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_redirect off;
                expires -1;
                client_max_body_size 32M;
        }
        location /api/sso {
                rewrite ^/api/(.*)$ /$1 break;
                proxy_pass http://apiapi_servers;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_redirect off;
                expires -1;
                client_max_body_size 32M;
        }
        location /oss/ {
                rewrite ^/oss/(.*)$ /$1 break;
                proxy_pass http://apiapi_servers;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                expires -1;
                client_max_body_size 32M;
        }

        location /api/ {
                proxy_pass http://apiapi_servers;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                expires -1;
                client_max_body_size 32M;
        }

        location /pay/ {
                #rewrite ^/pay/(.*)$ /$1 break;
                proxy_pass http://apiapi_servers;
                proxy_redirect off;
                proxy_set_header X-Real-IP $remote_addr;
                expires -1;
                client_max_body_size 32M;
        }

        location /export/ {
                proxy_pass http://127.0.0.1:7012/;
                proxy_redirect off;
                expires -1;
                client_max_body_size 32M;
        }

        location ~ ^/($|index\.htm$) {
            root   /data/www/vhosts/api.chinasoft.com/httpdocs;
            try_files /index.html =404;
            ssi on;
        }

        location ~ ^/(favicon.ico|library|sitemap.xml|Sitemap.xml|pricing.html|faq.html|guide|author|feedback.html) {
            root   /data/www/vhosts/api.chinasoft.com/httpdocs;
        }

        location / {
                proxy_pass http://127.0.0.1:8080/;
                proxy_redirect off;
                expires -1;
                client_max_body_size 32M;
        }

        location /oss-data/ {
                #rewrite ^/oss-data/(.*)$ /eus-images-design/$1 break;
                rewrite ^/oss-data/(.*)$ /$1 break;
                proxy_hide_header 'Access-Control-Allow-Origin';
                add_header 'Access-Control-Allow-Origin' 'https://api.chinasoft.com';
                add_header 'Access-Control-Allow-Credentials' 'true';
                add_header 'Access-Control-Allow-Headers' 'Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
                add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS,PUT,DELETE,PATCH';
                proxy_set_header Origin http://api.chinasoft.com;
                proxy_set_header Referer https://api.chinasoft.com/design;
                proxy_pass http://api.oss-us-west-1-internal.aliyuncs.com/;
                proxy_redirect off;
                expires 1d;
                client_max_body_size 32M;
        }
}

# cat filmapi.chinasoft.com.conf 
server {
        listen 8888;
        server_name     filmapi.chinasoft.com 172.30.0.111;

        access_log      /data/www/logs/nginx_log/access/filmapi.chinasoft.com_access.log main ;
        error_log       /data/www/logs/nginx_log/error/filmapi.chinasoft.com_error.log ;
        root            /data/www/vhosts/filmapi.chinasoft.com/httpdocs/public;
        index           index.html index.shtml index.php ;

        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS, DELETE';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

        if ($request_method = 'OPTIONS') {
                return 204;
        }

        location / {
                index  index.php index.html index.htm;
                try_files $uri $uri/ /index.php?$query_string;
        }

        location ~ \.(eot|otf|ttf|woff|woff2|svg)$ {
                add_header Access-Control-Allow-Origin *;
        }

        location ~ \.php$ {
                        fastcgi_pass   unix:/tmp/php-cgi.sock;
                        fastcgi_index  index.php;
                        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                        include        fastcgi_params;
        }
}

 配置示例

[root@alisz-chinasoft-web01:~]# cat /usr/local/nginx/conf/vhost.d/chinasoft.cn.conf 
server {
        listen 80;
        server_name     chinasoft.cn www.chinasoft.cn ori-www.chinasoft.cn;
    access_log on;
        access_log      /data/www/logs/nginx_log/access/www.chinasoft.cn_access.log main ;
        error_log       /data/www/logs/nginx_log/error/www.chinasoft.cn_error.log ;
        root            /data/www/vhosts/chinasoft.cn/httpdocs;
        index           index.html index.shtml index.php ;
    include        rewrite.d/chinasoft.cn.conf ;
    add_header Referrer-Policy "no-referrer-when-downgrade" always;

    if ($http_user_agent ~ Ezooms) {
        return 403;
    }

    location ~ ^.*\.(htaccess|htpasswd|ini|sh)$ {
        deny all;
    }

    rewrite ^/(.*)$ https://www.chinasoft.cn/$1 permanent;

}

server {
        listen 443 ssl;

        ssl_certificate         cert2016/www_chinasoft_cn.crt;
        ssl_certificate_key     cert2016/www_chinasoft_cn.key;
        ssl_dhparam     cert2016/dh_2048.pem;

        ssl_session_timeout     5m;
        ssl_protocols   TLSv1.1 TLSv1.2;


        ssl_ciphers     "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";


        ssl_prefer_server_ciphers       on;

        server_name     chinasoft.cn www.chinasoft.cn ori-www.chinasoft.cn;
    access_log on;
        access_log      /data/www/logs/nginx_log/access/www.chinasoft.cn_access.log main ;
        error_log       /data/www/logs/nginx_log/error/www.chinasoft.cn_error.log ;

        root            /data/www/vhosts/chinasoft.cn/httpdocs;
        index           index.html index.shtml index.php ;
        include         rewrite.d/chinasoft.cn.conf ;
        #error_page  404 403              /404.html;
    add_header Referrer-Policy "no-referrer-when-downgrade" always;

        if ($http_user_agent ~ Ezooms) {
        return 403;
    }

    location ~ ^.*\.(htaccess|htpasswd|ini|sh)$ {
        deny all;
    }

    #location ~* ^/public{
    #    #alias /data/www/vhosts/chinasoft.cn/httpdocs/server/public;
    #    root /data/www/vhosts/chinasoft.cn/httpdocs/server;
    #    index index.php index.html;
    #    try_files $1 $1/ /index.php?$query_string;
    #    location ~* ^/public/(.+)\.php$ {
    #        add_header Cache-Control no-store;
    #        fastcgi_pass   unix:/tmp/php-cgi.sock;
    #        fastcgi_index  index.php;
    #        fastcgi_param  SCRIPT_FILENAME  $document_root$1.php;
    #        include        fastcgi_params;
    #    }
    #}

    location ~* ^/public/(.+)$ {
            alias /data/www/vhosts/chinasoft.cn/httpdocs/server/;
            index index.php index.html;
            try_files $1 $1/ /server/public/index.php?$query_string;
            location ~* ^/public/(.+)\.php$ {
                    add_header Cache-Control no-store;
                    fastcgi_pass   unix:/tmp/php-cgi.sock;
                    fastcgi_index  index.php;
                    fastcgi_param  SCRIPT_FILENAME  $document_root$1.php;
                    include        fastcgi_params;
            }
    }

    location /design/ {
        try_files $uri $uri/ /design/index.php?$args;
        index index.php;
    }

    location ~ \.php$ {
        fastcgi_pass   unix:/tmp/php-cgi.sock;
        #fastcgi_pass   unix:/tmp/php-cgi.sock;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

    location / {
                try_files $uri $uri/ /index.html?$args;
                index index.html;
        }
}

 

posted @ 2020-10-14 11:12  reblue520  阅读(420)  评论(0编辑  收藏  举报