nginx.conf
20210611整理
more *.conf
::::::::::::::
all_web.conf
::::::::::::::
upstream all_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
server_name ~^(.+)?\.test\.com$;
#server_name imgs.test.com;
return 301 https://$http_host$request_uri;
}
server {
listen 8883;
server_name 127.0.0.1;
root /data/wwwroot/online/pcWeb;
charset utf-8;
}
server {
listen 443 ssl;
server_name ~^(.+)?\.test\.com$;
#server_name imgs.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/pcWeb;
index index.html;
# ssl_certificate /usr/local/nginx/conf/key/online_key/all_online_full_chain.pem;
# ssl_certificate_key /usr/local/nginx/conf/key/online_key/all_online_private.key;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location = /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location ~ /rmcache(/.*) {
allow all;
#allow 220.194.140.252;
#deny all;
# proxy_cache_purge cache_one $host$1$is_args$args;
error_page 405 =200 /purge$1;
}
# location ~* .*/.(bmp|img|jpeg|jpg|png|gif|svg|png|ico|txt|css|js|html|htm|pdf|apk)$ {
location ~* .*\.(bmp|img|jpeg|jpg|png|gif|svg|png|ico|txt|css|js|html|htm|pdf|apk)$ {
proxy_pass http://127.0.0.1:8883;
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_cache cache_one;
proxy_cache_valid 200 304 12h;
proxy_cache_valid 301 302 1m;
proxy_cache_valid any 1m;
proxy_cache_key $host$uri$is_args$args;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding '';
proxy_ignore_headers "Cache-Control" "Expires";
add_header X-Cache "Hit from ngnix.com";
expires 7d;
}
location /api {
proxy_pass http://all_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
business.conf
::::::::::::::
upstream business_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
server_name cccczrs3m.test.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name cccczrs3m.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/businessWeb;
index index.html index.htm default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://business_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
commerceweb.conf
::::::::::::::
upstream commerce_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
server_name cccczrw51k.test.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name cccczrw51k.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/commerceWeb;
index index.html index.htm default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://commerce_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
down.xxx.com.cn.conf
::::::::::::::
server {
listen 80;
server_name down.xxx.com.cn;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/down;
index index.html index.htm default.html default.htm;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
index index.html index.htm;
}
location /down/xxx/android/ {
proxy_http_version 1.1;
proxy_pass https://imtt.dd.qq.com/16891/apk/7.apk&csr=1bbd;
}
}
::::::::::::::
houseKeeping.conf
::::::::::::::
upstream house_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
server_name cccfctu5t.test.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name cccfctu5t.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/houseKeepingWeb;
index index.html index.htm default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://house_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
img.xxx.com.cn.conf
::::::::::::::
server {
listen 80;
listen 443 ssl;
server_name img.xxx.com.cn;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /home/upload;
index index.html index.htm default.html default.htm;
# ssl_certificate /usr/local/nginx/conf/key/online_key/3146750_img.xxx.com.cn.pem;
# ssl_certificate_key /usr/local/nginx/conf/key/online_key/3146750_img.xxx.com.cn.key;
ssl_certificate /usr/local/nginx/conf/key/online_key/4817607_img.xxx.com.cn.pem;
ssl_certificate_key /usr/local/nginx/conf/key/online_key/4817607_img.xxx.com.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
# upstream img_upload {
# server 192.17.218.114:10009;
# }
location / {
proxy_pass http://192.17.218.114:10009;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /s1 {
try_files $uri $uri/ /index.html;
#单个链接不限速速度下载3m数据后,限速 512k 的速度下载
#limit_rate_after 3m; #设置不限速传输的响应大小。当传输量大于此值时,超出部分将限速传送。默认值0
#limit_rate 512k; #设置最高下载速度.默认值0
#limit_conn one 50; #指定一个会话或一个IP最大的并发连接数。 当超过指定的最发并发连接数时,服务器将返回 "Service unavailable" (503)。
}
location /s1/ios {
#root /home/upload/dev;
#index index.html index.htm;
#index apple-app-site-association;
#try_files https://img-dev.test.com/s1/ios/apple-app-site-association;
try_files $uri $uri/ /apple-app-site-association;
}
# location /down/xxx/android/ {
# proxy_http_version 1.1;
#proxy_pass https://imtt.dd.qq.com/16891/apk/xxx.apk?fsname=com.i1.apk&csr=1bbd;
#proxy_pass https://imtt.dd.qq.com/16891/apk/ccc.apk?mkey=6114&f=1ea3&fsname=com.1.apk&hsr=4d5s;
#}
location /down/xxx/android/ {
rewrite ^.+ http://imt11.apk&hsr=4d5s;
break;
}
}
::::::::::::::
# manager.conf
::::::::::::::
upstream manager_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
server_name ccc8ey35n.test.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name ccc8ey35n.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/managerWeb;
index index.html index.htm default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://manager_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
m_api.conf
::::::::::::::
upstream online_m_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
# server_name m-api.test.com;
# return 301 https://$server_name$request_uri;
# }
#server {
listen 443 ssl;
server_name m-api.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
index index.html index.jsp default.html default.htm;
#ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
#ssl_certificate_key /usr/local/nginx/conf/key/private.key;
#ssl_certificate /usr/local/nginx/conf/key/online_key/3810450_m-api.test.com.pem;
#ssl_certificate_key /usr/local/nginx/conf/key/online_key/3810450_m-api.test.com.key;
ssl_certificate /usr/local/nginx/conf/key/online_key/5517176_m-api.test.com.pem;
ssl_certificate_key /usr/local/nginx/conf/key/online_key/5517176_m-api.test.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
proxy_pass http://online_m_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
mobile.conf
::::::::::::::
server {
listen 80;
server_name ccc6frz82g.test.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name ccc6frz82g.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/managerWeb;
index index.html index.htm default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://share_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
newbusiness.conf
::::::::::::::
upstream newbusiness_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
server_name cccczrs3m48i.test.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name cccczrs3m48i.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/newBusinessWeb;
index index.html index.htm default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://newbusiness_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
pay_m_api.conf
::::::::::::::
upstream online_pay_m_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
# server_name pay.xxx.com.cn;
# return 301 https://$server_name$request_uri;
# }
#server {
listen 443 ssl;
server_name pay.xxx.com.cn;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
index index.html index.jsp default.html default.htm;
# ssl_certificate /usr/local/nginx/conf/key/online_key/3146950_pay.xxx.com.cn.pem;
# ssl_certificate_key /usr/local/nginx/conf/key/online_key/3146950_pay.xxx.com.cn.key;
ssl_certificate /usr/local/nginx/conf/key/online_key/4817585_pay.xxx.com.cn.pem;
ssl_certificate_key /usr/local/nginx/conf/key/online_key/4817585_pay.xxx.com.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
proxy_pass http://online_pay_m_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
pc_api.conf
::::::::::::::
upstream online_pc_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
# server_name pc-api.test.com;
# return 301 https://$server_name$request_uri;
# }
#server {
listen 443 ssl;
server_name pc-api.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
index index.html index.jsp default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
proxy_pass http://online_pc_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
pc.conf
::::::::::::::
server {
listen 80;
server_name test.com www.test.com;
return 301 https://www.$server_name$request_uri;
# rewrite ^(.*)$ https://$host$1 permanent;
}
#server {
# listen 80;
# server_name www.test.com www.xxx.com.cn;
# return 301 https://$server_name$request_uri;
# }
server {
listen 443 ssl;
server_name www.test.com test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/pcWeb;
index index.html index.htm index.php default.html default.htm default.php;
#ssl on;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location = /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://share_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
proxy.conf
::::::::::::::
server {
listen 80;
server_name cccmnqp9mz42a.test.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name cccmnqp9mz42a.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/proxyWeb;
index index.html index.htm default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://share_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
safe_api.conf
::::::::::::::
upstream online_safe_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
# server_name safe-api.test.com;
# return 301 https://$server_name$request_uri;
# }
#server {
listen 443 ssl;
server_name safe-api.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
index index.html index.jsp default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
ssl_certificate_key /usr/local/nginx/conf/key/private.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
proxy_pass http://online_safe_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
share.conf
::::::::::::::
upstream share_api {
server 192.17.218.116:10000;
server 192.17.218.117:10000;
server 192.17.218.118:10000;
server 192.17.218.119:10000;
}
server {
listen 80;
server_name share.test.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name share.test.com;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/mobileSharedPage;
index index.html index.htm default.html default.htm;
#ssl_certificate /usr/local/nginx/conf/key/full_chain.pem;
#ssl_certificate_key /usr/local/nginx/conf/key/private.key;
#ssl_certificate /usr/local/nginx/conf/key/online_key/3810460_share.test.com.pem;
#ssl_certificate_key /usr/local/nginx/conf/key/online_key/3810460_share.test.com.key;
ssl_certificate /usr/local/nginx/conf/key/online_key/5517165_share.test.com.pem;
ssl_certificate_key /usr/local/nginx/conf/key/online_key/5517165_share.test.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://share_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
::::::::::::::
wssl.top.conf
::::::::::::::
server {
listen 80;
server_name www.wssl.top wssl.top;
# return 301 https://$server_name$request_uri;
# }
#server {
# listen 443 ssl;
# server_name wssl.top;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
root /data/wwwroot/online/ediWeb;
index index.html index.htm default.html default.htm;
# ssl_certificate /usr/local/nginx/conf/key/online_key/www.xxx.com.cn.pem;
# ssl_certificate_key /usr/local/nginx/conf/key/online_key/www.xxx.com.cn.key;
# ssl_session_timeout 5m;
# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_prefer_server_ciphers on;
location /favicon.ico {
root /data/wwwroot/online;
}
location / {
try_files $uri $uri/ /index.html;
}
}
::::::::::::::
www.xxx.com.cn.conf
::::::::::::::
server {
listen 80;
#server_name www.xxx.com.cn xxx.com.cn;
server_name www.xxx.com.cn xxx.com.cn;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
#server_name www.xxx.com.cn xxx.com.cn;
server_name www.xxx.com.cn xxx.com.cn;
access_log /data/wwwlogs/online/access_nginx.log combined;
charset utf-8;
#root /data/wwwroot/online/ediWeb;
root /data/wwwroot/online/pcWeb;
index index.html index.htm default.html default.htm;
ssl_certificate /usr/local/nginx/conf/key/online_key/www.xxx.com.cn.pem;
ssl_certificate_key /usr/local/nginx/conf/key/online_key/www.xxx.com.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
if ($host = 'www.xxx.com.cn'){
rewrite ^/(.*)$ https://www.test.com/$1 permanent;
}
root html;
index index.html index.htm;
}
location /favicon.ico {
root /data/wwwroot/online;
}
# location / {
# try_files $uri $uri/ /index.html;
# }
location /api {
proxy_pass http://share_api;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}