server {
listen 80;
listen 443 ssl;
server_name user.17.net userapi.17.net;
access_log logs/user/access.log main;
error_log logs/user/error.log;
ssl_certificate /usr/local/nginx/ssl/17track.crt;
ssl_certificate_key /usr/local/nginx/ssl/17track.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols SSLv3 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM;
ssl_prefer_server_ciphers on;
location / {
# if ( $scheme ~* ^http$ ) {
# rewrite ^(/.*)$ https://$host$1 break;
# }
if ( $host ~* ^user. ) {
proxy_pass http://cluster_user;
}
if ( $host ~* ^userapi. ) {
proxy_pass http://cluster_userapi;
}
set $no_cache '';
set $cache_key '';
access_by_lua "
ngx.var.no_cache = '0'
ngx.var.cache_key=ngx.var.host ..ngx.var.uri
if string.find(ngx.var.uri, '^/res/') then
local newargs=ngx.var.args
if not newargs then
newargs=''
end
ngx.var.cache_key=ngx.var.host ..ngx.var.uri ..ngx.var.is_args ..newargs
end
if ngx.var.http_accept_encoding == nil then
local newargs1=ngx.var.args
local newargs2='/ungzip'
ngx.var.cache_key=ngx.var.host ..ngx.var.uri ..newargs2
if string.find(ngx.var.uri, '^/res/') then
if not newargs1 then
newargs1=''
end
ngx.var.cache_key=ngx.var.host ..ngx.var.uri ..ngx.var.is_args ..newargs1 ..newargs2
end
end
";
header_filter_by_lua "
if ngx.status ~= 200 then
ngx.var.no_cache = '1'
end
";
proxy_cache_key $cache_key;
proxy_cache_bypass $no_cache;
proxy_no_cache $no_cache;
proxy_cache cache_one;
proxy_cache_valid 200 304 10m;
proxy_cache_valid 301 302 1m;
proxy_cache_valid any 1m;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
add_header Nginx-Cache $upstream_cache_status;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}