nginx配置-cooolr的编程笔记

https关键配置

http{
    server {
        listen       80 default_server;
        listen       [::]:80 default_server;

        location / {
            # 完整url重定向
            rewrite ^ https://baidu.com$request_uri break;
        }
    }

    server {
        listen       443 ssl http2 default_server;
        listen       [::]:443 ssl http2 default_server;

        # 证书配置
        ssl_certificate /home/pi/baidu.com/ssl.crt;
        ssl_certificate_key /home/pi/baidu.com/ssl.key;
        
        location /_posts {
            proxy_pass http://127.0.0.1:2222;
        }

        location / {
            proxy_pass http://127.0.0.1:8001;
        }
    }
}

负载均衡关键配置

http{

     upstream  web {
        # round-robin 默认轮询
        # least_conn 最少连接
        server 127.0.0.1:1002;
        server 127.0.0.1:1003;
        server 127.0.0.1:1004;
        }   

    server {
        listen       1001;
        location / {
                proxy_pass http://web; # 负载均衡
        }
}

根据请求头匹配配置

location / {
            if ( $http_user_agent ~* "curl" ) {
                return 200 "$remote_addr\n";}
            if ( $http_user_agent !~* "curl" ) {
                rewrite ^ https://baidu.com$request_uri break;}
        }

转发https

location / {
    proxy_pass https://www.69shu.com;
    proxy_set_header Host www.69shu.com;
    proxy_ssl_server_name on;
}

生产环境转发https

location / {
    proxy_ssl_server_name on;
    proxy_pass https://baidu.com/embeds/;
    proxy_set_header Host baidu.com;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    proxy_ssl_session_reuse off;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

    add_header   upstream_time    $request_time;
    proxy_cache dune_cache;
    proxy_cache_key $host$uri$is_args$args;
    proxy_cache_valid 200 120s;
    proxy_cache_valid 304 120s;
}

nginx超时问题

http{
    keepalive_timeout  65; # 请求超时
    server {
        location / {
            proxy_read_timeout 150;  # 页面等待服务器响应超时
        }
    }
}

301转发

return 301 "https://weibo.com/cooolr"

内容替换

sub_filter 'https://core-hsr.baidu.com' 'https://www.baidu.com';
sub_filter_once off;
sub_filter_types *;

sub_filter/subs_filter替换不生效的原因和解决方案

在配置文件的反代规则里增加proxy_set_header Accept-Encoding "";

匹配多个字符

if ($request_uri ~* (abcd|xyz|jpg)) {
	return 503;
}

服务器缓存

proxy_cache_path /data/nginx_cache/dune_cache levels=1:2 keys_zone=dune_cache:256m inactive=365d;

location / {
    proxy_cache dune_cache;
    #proxy_cache_key $host$uri$is_args$args;
    proxy_cache_methods POST;
    proxy_cache_use_stale updating;
    proxy_cache_key "$request_uri|$request_body";
    proxy_cache_valid 200 180s;
    proxy_cache_valid 304 180s;
}

客户端缓存

if ( $fastcgi_script_name ~* \.[jpg|jpeg|gif|png|js|css|ttf] ) {
    expires 1h;#只对图片、JS及CSS缓存15天
}

add_header   upstream_time    $request_time;
proxy_cache dune_cache;
proxy_cache_valid 200 180s;
proxy_cache_valid 304 180s;

# 默认缓存的是proxy_cache_key $scheme$proxy_host$request_uri;