一、负载均衡配置(极简通用版)
upstream myservers {
server ip:port;
server ip:port;
server ip:port;
}
server {
listen 8089;
server_name localhost;
error_log logs/error-data.log error;
access_log logs/access-data.log;
location / {
proxy_pass http://myservers ;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
if ($request_method = 'OPTIONS') {
return 200;
}
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,PATCH,OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With, x-auth-token, version';
}
}
二、HTTPS(极简通用版)
server {
listen 443 ssl;
server_name www.treasurelifes.cn; # 自己的域名或localhost
client_max_body_size 20M;
ssl_certificate /etc/nginx/cert/life.cn.pem; # 自己的目录
ssl_certificate_key /etc/nginx/cert/life.cn.key; # 自己的目录
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-Ip $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://localhost:8000; # 自己的ip:port
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
server {
listen 80;
server_name www.treasurelifes.cn; # 自己的域名或localhost
rewrite ^(.*)$ https://${server_name}$1 permanent;
}