记录一下自己用的Nginx配置
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65;
server { listen 80; server_name localhost; location / { proxy_pass http://IP:端口; # 转发规则 proxy_set_header Host $proxy_host; # 修改转发请求头,让8080端口的应用可以受到真实的请求 proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location = /50x.html { root html; } } server { listen 8000; server_name localhost; location ^~ /apk/ { alias /usr/local/apk/; sendfile on; # 开启高效文件传输模式 autoindex on; # 开启目录文件列表 autoindex_exact_size on; # 显示出文件的确切大小,单位是bytes autoindex_localtime on; # 显示的文件时间为文件的服务器时间 charset utf-8,gbk; # 避免中文乱码 } location = /50x.html { root html; } } server { listen 8081; # 端口号 server_name localhost; # 配置域名信息 location ^~ / { alias /web/; # 静态页面根目录 index index.html; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header Upgrade-Insecure-Requests 1; proxy_set_header X-Forwarded-Proto https; } } server { listen 443 ssl; server_name localhost; ssl_certificate /usr/local/sslconf/证书文件名; #将domain name.pem替换成您证书的文件名称。 ssl_certificate_key /usr/local/sslconf/证书密钥文件名; #将domain name.key替换成您证书的密钥文件名称。 ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #使用此加密套件。 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #使用该协议进行配置。 ssl_prefer_server_ciphers on; location /static { alias /home/admin/master/collect_static; } location / { proxy_pass http://转跳域名/; } location /.well-known/pki-validation/ { alias /home/admin/master/wellknow; } } }
一个反向代理、一个文件下载目录、一个web页面和一个ssl证书
浙公网安备 33010602011771号