https关键配置
http{
server {
listen 80 default_server;
listen [::]:80 default_server;
location / {
# 完整url重定向
rewrite ^ https://baidu.com$request_uri break;
}
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
# 证书配置
ssl_certificate /home/pi/baidu.com/ssl.crt;
ssl_certificate_key /home/pi/baidu.com/ssl.key;
location /_posts {
proxy_pass http://127.0.0.1:2222;
}
location / {
proxy_pass http://127.0.0.1:8001;
}
}
}
负载均衡关键配置
http{
upstream web {
# round-robin 默认轮询
# least_conn 最少连接
server 127.0.0.1:1002;
server 127.0.0.1:1003;
server 127.0.0.1:1004;
}
server {
listen 1001;
location / {
proxy_pass http://web; # 负载均衡
}
}
根据请求头匹配配置
location / {
if ( $http_user_agent ~* "curl" ) {
return 200 "$remote_addr\n";}
if ( $http_user_agent !~* "curl" ) {
rewrite ^ https://baidu.com$request_uri break;}
}
转发https
location / {
proxy_pass https://www.69shu.com;
proxy_set_header Host www.69shu.com;
proxy_ssl_server_name on;
}
生产环境转发https
location / {
proxy_ssl_server_name on;
proxy_pass https://baidu.com/embeds/;
proxy_set_header Host baidu.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ssl_session_reuse off;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
add_header upstream_time $request_time;
proxy_cache dune_cache;
proxy_cache_key $host$uri$is_args$args;
proxy_cache_valid 200 120s;
proxy_cache_valid 304 120s;
}
nginx超时问题
http{
keepalive_timeout 65; # 请求超时
server {
location / {
proxy_read_timeout 150; # 页面等待服务器响应超时
}
}
}
301转发
return 301 "https://weibo.com/cooolr"
sub_filter 'https://core-hsr.baidu.com' 'https://www.baidu.com';
sub_filter_once off;
sub_filter_types *;
在配置文件的反代规则里增加proxy_set_header Accept-Encoding "";
匹配多个字符
if ($request_uri ~* (abcd|xyz|jpg)) {
return 503;
}
服务器缓存
proxy_cache_path /data/nginx_cache/dune_cache levels=1:2 keys_zone=dune_cache:256m inactive=365d;
location / {
proxy_cache dune_cache;
#proxy_cache_key $host$uri$is_args$args;
proxy_cache_methods POST;
proxy_cache_use_stale updating;
proxy_cache_key "$request_uri|$request_body";
proxy_cache_valid 200 180s;
proxy_cache_valid 304 180s;
}
客户端缓存
if ( $fastcgi_script_name ~* \.[jpg|jpeg|gif|png|js|css|ttf] ) {
expires 1h;#只对图片、JS及CSS缓存15天
}
add_header upstream_time $request_time;
proxy_cache dune_cache;
proxy_cache_valid 200 180s;
proxy_cache_valid 304 180s;
# 默认缓存的是proxy_cache_key $scheme$proxy_host$request_uri;