11月30, 2016
0 comments

NGINX CONF配置实例

HTTPS

server
{
    listen 80;
    listen 443 ssl http2;
    server_name blog.hijs.cc;
    index index.php index.html index.htm default.php default.htm default.html;
    root /www/wwwroot/blog.hijs.cc;

    #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
    #error_page 404/404.html;
    #HTTP_TO_HTTPS_START
    if ($server_port !~ 443){
        rewrite ^(/.*)$ https://$host$1 permanent;
    }
    #HTTP_TO_HTTPS_END
    limit_conn perserver 100;
    limit_conn perip 5;
    limit_rate 128k;
    ssl_certificate    /etc/letsencrypt/live/blog.hijs.cc/fullchain.pem;
    ssl_certificate_key    /etc/letsencrypt/live/blog.hijs.cc/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    error_page 497  https://$host$request_uri;

    #SSL-END

    #ERROR-PAGE-START  错误页配置,可以注释、删除或修改
    error_page 404 /404.html;
    error_page 502 /502.html;
    #ERROR-PAGE-END

    #PHP-INFO-START  PHP引用配置,可以注释或修改
    #PROXY-START
    location ~ /purge(/.*) { 
        proxy_cache_purge cache_one blog.hijs.cc$request_uri$is_args$args;
        #access_log  /www/wwwlogs/127.0.0.1_purge_cache.log;
    }
    location / 
    {
        proxy_pass http://127.0.0.1:8360;
        proxy_set_header Host 127.0.0.1;
        proxy_set_header X-Forwarded-For $remote_addr;
        #proxy_cache cache_one;
        #proxy_cache_key 127.0.0.1$request_uri$is_args$args;
        #proxy_cache_valid 200 304 301 302 1h;
        add_header X-Cache $upstream_cache_status;

        expires 12h;
    }

    location ~ .*\.(php|jsp|cgi|asp|aspx|flv|swf|xml)?$
    { 
        proxy_set_header Host 127.0.0.1;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_pass http://127.0.0.1:8360;

    }
    #PROXY-END

    include enable-php-71.conf;
    #PHP-INFO-END

    #REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效
    include /www/server/panel/vhost/rewrite/blog.hijs.cc.conf;
    #REWRITE-END

    access_log  /www/wwwlogs/blog.hijs.cc.log;

    location /left-bg2.jpg
    {
        #proxy_pass http://ov0ms6efs.bkt.clouddn.com/hi/left-bg2.jpg;
    }
    location = /502.html {
      root   /www;
    }
}

HTTP 自定义502,反向代理

server
{
    listen 80;
    server_name jenkins.hijs.cc;
    index index.php index.html index.htm default.php default.htm default.html;
    root /www/wwwroot/jenkins.hijs.cc;

    #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
    #error_page 404/404.html;
    #SSL-END

    #ERROR-PAGE-START  错误页配置,可以注释、删除或修改
    error_page 404 /404.html;
    error_page 502 /502.html;
    #ERROR-PAGE-END

    #PHP-INFO-START  PHP引用配置,可以注释或修改

    #PROXY-START
    location ~ /purge(/.*) { 
        proxy_cache_purge cache_one $host$request_uri$is_args$args;
        #access_log  /www/wwwlogs/jenkins.hijs.cc_purge_cache.log;
    }
    location / 
    {
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
        #proxy_cache cache_one;
        #proxy_cache_key $host$request_uri$is_args$args;
        #proxy_cache_valid 200 304 301 302 1h;
        add_header X-Cache $upstream_cache_status;

        expires 12h;
    }

    location = /502.html {
      root   /www;
    }

    location ~ .*\.(php|jsp|cgi|asp|aspx|flv|swf|xml)?$
    { 
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_pass http://127.0.0.1:8080;

    }
    #PROXY-END

    include enable-php-71.conf;
    #PHP-INFO-END

    #REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效
    include /www/server/panel/vhost/rewrite/jenkins.hijs.cc.conf;
    #REWRITE-END

    #禁止访问的文件或目录
    location ~ ^/(\.user.ini|\.htaccess|\.git|\.project|LICENSE|README.md)
    {
        return 404;
    }

    access_log  /www/wwwlogs/jenkins.hijs.cc.log;
}

fancyindex设置

location / {
     fancyindex on;
     fancyindex_exact_size off;
     fancyindex_localtime on;
     fancyindex_css_href "/.www_fancyindex.css";
     #fancyindex_header   "/.www_header.html";
     fancyindex_footer   "/.www_footer.html";
    }

隐藏index.php

if (!-e $request_filename) {
    rewrite ^/(.*) /index.php?$1&;
}

多域名配置

listen 80;
    server_name ~^(?<who>.+)\.(?<channel_name>.+)\.hijs\.cc$;
    root  /home/$who/web/channels/$channel_name.hijs.cc/www;

访问域名为 
developer1.m.hijs.cc
developer2.m.hijs.cc
developer1.admin.hijs.cc
developer2.admin.hijs.cc

本文链接:https://blog.hijs.cc/post/nginx-conf-demo.html

-- EOF --

作者 admin 发表于 2016-11-30 22:40:23 ,添加在分类 nginx 下 ,并被添加「 NGINX 」标签 ,最后修改于 2018-02-24 17:17:01

Comments