江哥架构师笔记–
正常使用的nginx主配置文件
user www www;
worker_processes 8;
error_log logs/error.log crit;
pid /var/run/nginx.pid;
worker_rlimit_nofile 655350;
events {
use epoll;
worker_connections 655350;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" "$upstream_addr" "$upstream_response_time" "$request_time"';
log_format request_time_count '{"time":"$time_iso8601",'
'"remote_addr":"$remote_addr",'
'"request":"$uri",'
'"status":"$status",'
'"request_method": "$request_method",'
'"size":"$body_bytes_sent",'
'"geoip_region_name":"$geoip_region_name",'
'"request_time":"$request_time",'
'"upstream_response_time":"$upstream_response_time",'
'"upstream_addr":"$upstream_addr",'
'"http_forward":"$http_x_forwarded_for",'
'"http_referer":"$http_referer",'
'"domain":"$host",'
'"hostname":"$hostname",'
'"agrs":"$args",'
'"http_protocol":"$server_protocol",'
'"upstream_cache_status":"$upstream_cache_status",'
'"http_user_agent":"$http_user_agent"}';
log_format json '{"time":"$time_iso8601",'
'"remote_addr":"$remote_addr",'
'"request":"$uri",'
'"status":"$status",'
'"request_method": "$request_method",'
'"size":"$body_bytes_sent",'
'"geoip_region_name":"$geoip_region_name",'
'"request_time":"$request_time",'
'"upstream_response_time":"$upstream_response_time",'
'"upstream_addr":"$upstream_addr",'
'"http_forward":"$http_x_forwarded_for",'
'"http_referer":"$http_referer",'
'"domain":"$host",'
'"hostname":"$hostname",'
'"agrs":"$args",'
'"http_protocol":"$server_protocol",'
'"upstream_cache_status":"$upstream_cache_status",'
'"http_user_agent":"$http_user_agent"}';
# geoip库
geoip_city /usr/local/nginx/geoip/data/GeoLiteCity.dat;
access_log logs/access.log main;
sendfile on;
charset utf-8;
server_names_hash_bucket_size 256;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
tcp_nopush on;
server_tokens off;
keepalive_timeout 30;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 9;
gzip_types text/plain application/javascript application/x-javascript text/css application/xml;
gzip_vary on;
client_body_buffer_size 512k;
client_max_body_size 10m;
proxy_connect_timeout 180;
proxy_send_timeout 300;
proxy_read_timeout 600;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
#proxy_next_upstream error timeout invalid_header http_500 http_503 http_404 http_502;
proxy_next_upstream error timeout invalid_header http_502;
proxy_max_temp_file_size 128m;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# 使错误页面生效
fastcgi_intercept_errors on;
fastcgi_buffers 256 16K;
fastcgi_buffer_size 16K;
proxy_temp_path /home/temp;
proxy_cache_path /home/cache levels=1:2 keys_zone=cache_one:50m inactive=2h max_size=10g;
# 代理服务器不主动关闭客户端连接
proxy_ignore_client_abort on;
# ssl
# s.xxx.com
# ssl_certificate /usr/local/nginx/conf/server.crt;
# ssl_certificate_key /usr/local/nginx/conf/server.key;
ssl_certificate /usr/local/nginx/conf/server.pem;
ssl_certificate_key /usr/local/nginx/conf/xxx.com.key;
include vhosts/*.conf;
#判断源IP是否为内网ip还是外网IP
access_by_lua_block {
tmp1,_ = string.find(ngx.var.remote_addr, "10.16.%d+.%d+")
tmp2,_ = string.find(ngx.var.remote_addr, "10.216.%d+.%d+")
if (tmp1 or tmp2) then
ngx.req.set_header("income-type", "intranet")
else
ngx.req.set_header("income-type", "internet")
end
}
server {
listen 80;
server_name out.mappings.xxx.com;
charset utf8;
error_page 403 /403.html;
include mappings/*;
}
}
stream {
log_format proxy '$remote_addr [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time "$upstream_addr" '
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
upstream rabbitmq_server {
server 10.16.35.13:5672;
server 10.16.35.15:5672;
server 10.16.35.17:5672;
}
upstream rabbitmq_web_server {
server 10.16.35.13:15672;
server 10.16.35.15:15672;
server 10.16.35.17:15672;
}
server {
listen 5673 ;
proxy_responses 10;
proxy_timeout 20s;
proxy_pass rabbitmq_server;
access_log /tmp/nginx_tcp_access.log proxy;
error_log /tmp/nginx_tcp_error.log;
}
server {
listen 15673 ;
proxy_responses 10;
proxy_timeout 20s;
proxy_pass rabbitmq_web_server;
access_log /tmp/nginx_tcp_access.log proxy;
error_log /tmp/nginx_tcp_error.log;
}
}
–
–
–
评论前必须登录!
注册