#cola
##https的配置
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
server {
listen 443 ssl;https访问的端口为443,所以监听443端口
server_name 域名; #域名
ssl_certificate /var/2943404_www.cola666.top.pem;#ssl两个证书路径
ssl_certificate_key /var/2943404_www.cola666.top.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:5000;#未分布式 负载均衡
root /root/second_flasky;
}
}
##http的配置
server {
listen 80;
server_name 域名;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location / {
proxy_pass http://lca;
}
}
upstream lca {#分布式
server 127.0.0.1:5000;
server 127.0.0.1:5002;
server 127.0.0.1:5001;
}
