nginx常用配置

# nginx.conf

user nginx;

# 配置nginx worker进程个数
worker_processes auto;

# 配置日志存放路径
#access_log  logs/access.log  warn;
#error_log   logs/error.log  main;
#pid logs/nginx.pid;

# nginx事件处理模型优化
events {
    worker_connections 65535; # 当个进程允许的客户端最大连接数
    use epoll;
    }

# 配置nginx worker进程最大打开文件数
worker_rlimit_nofile 65535;

http {
    
    # 隐藏版本号
    server_tokens off;
    
    # 设置日志格式
    log_format  main  '$http_x_forwarded_for - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" ';

    map $http_x_forwarded_for  $clientRealIp {
            ""      $remote_addr;
                    ~^(?P<firstAddr>[0-9.]+),?.*$  $firstAddr;
    }
    # 开启高效文件传输模式
    include mime.types;                         # 媒体类型
    default_type    application/octet-stream;   # 默认媒体类型
    charset  utf-8;                             # 默认字符集
    sendfile    on;
    tcp_nopush  on;                             # 只有在sendfile开启模式下有效
    
    # 设置连接超时时间
    keepalive_timeout  65;      # 设置客户端连接保持会话的超时时间，超过则服务器会关闭该连接
    tcp_nodelay on;             # 打开tcp_nodelay,在包含了keepalive参数才有效果
    #client_header_timeout 60s;    # 设置客户端请求有超时时间，该时间内客户端未发送数据，nginx将返回‘Request time out(408)’错误
    #client_body_timeout 60s；    # 设置客户端请求体超时时间，同上
    send_timeout 15;            # 设置相应客户端的超时时间，超时nginx将会关闭连接
    
    # 上传文件大小设置（动态引用）
    client_max_body_size 2m;
    
    # 数据包头部缓存大小
    client_header_buffer_size    1k;        #默认请求包头信息的缓存    
    large_client_header_buffers  4 4k;      #大请求包头部信息的缓存个数与容量
   
    # 压缩处理
    gzip on;                           #开启压缩
    gzip_min_length 1k;              #小文件不压缩
    gzip_comp_level 4;                 #压缩比率
    gzip_buffers 4 16k;                #压缩缓冲区大小，申请4个单位为16K的内存作为亚索结果流缓存    
    #对特定文件压缩，类型参考mime.types
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/x-httpd-php image/jpeg image/gif image/png;
    gzip_vary on;
    gzip_disable "MSIE[1-6]."; 
    

   # 引入子配置文件     
   include vhost/*.conf;
   include proxy.conf;
}

# proxy.conf

proxy_connect_timeout 300s;
proxy_send_timeout 900s;
proxy_read_timeout 900s;
proxy_next_upstream off;
proxy_buffer_size 32k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_redirect off;
proxy_hide_header Vary;
proxy_set_header Accept-Encoding '';
proxy_set_header Referer $http_referer;
proxy_set_header Cookie $http_cookie;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";

# ssl配置

upstream backend1 {
    server ip:port max_fails=3 fail_timeout=15s;
    server ip:port max_fails=3 fail_timeout=15s;
}
upstream backend2 {
    server ip:port max_fails=3 fail_timeout=15s;
    server ip:port max_fails=3 fail_timeout=15s;
}

server {
    listen 80;
    server_name domain ;
    index index.html;
    access_log   '/data/apps/nginx/logs/access.log' main;

    location / {
       root html/front;
       index index.html;
       try_files $uri $uri/ /index.html;
    }

    location  ^~ /path1/ {
        proxy_pass http://backend1/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect default;
    }

    location  /path2/ {
        proxy_pass http://backend2/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect default;

    }
}

server {
    listen 443 ssl;
    server_name domain;
    ssl_certificate      cert/domain.crt;
    ssl_certificate_key  cert/domain.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
　　 access_log   'logs/domain_access.log' main;   
    location / {
        root html/front;
        index index.html;
        try_files $uri $uri/ /index.html;
    }

    location  ^~ /path1/ {
        proxy_pass http://backend1/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect default;
    }

    location  /path2/ {
        proxy_pass http://backend2/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_redirect default;

    }
}

# 

server {

  listen 80;

  server_name domain.com ;
  error_page 403 404 405 500 502 504 =200 /home/index.json;
  location / {
           root /home;
           index  index.json;
           try_files $uri $uri/ /index.json?s=$uri&$args;
  }


  location = /home/index.json {
     default_type 'application/json';
     set $ret_body '{
        "code": "4009",
        "data": "<p>系统出问题了，进入维护状态</p>",
        "msg":"系统出问题了，进入维护状态"
       }';
     if ( $arg_callback != "" )
     {
       return 200 'try{$arg_callback($ret_body)}catch(e){}';
     }
     return 200 $ret_body;

     }

}