#user nobody;
#子进程:
worker_processes auto;
#worker_rlimit_nofile;worker_rlimit_core异常终止日志worker_directory;worker_cpu_affinity绑定指定cpu;worker_priority优先级;
#worker_shutdown_timeout优雅退出时超时时间;timer_resolution调度时间间隔;daemon运行方式前台/后台;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 65535;
#use驱动模型;multi_accept on新连接;
#accpet_mutex负载均衡互斥锁;accpet_mutex_delay子进程连接超时时间;lock_file;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
include conf.d/*.conf;
#gzip on;
#conn限制limit_conn_zone $binary_remote_addr zone=limit_addr:10m;
#req限制limit_req_zone $binary_remote_addr zone=one:10m rate=2r/m;
upstream nginxtest {
server 127.0.0.1:8080 weight=1;
server 127.0.0.1:8081 weight=1;
server 127.0.0.1:8082 backup;
}
server {
listen 8091;
#先再hoshs中添加127.0.0.1 www.hashtopic.com
server_name www.hashtopic.com;
#charset koi8-r;
charset utf-8;
#access_log logs/host.access.log main;
location / {
root html;
#alias;stub_status连接统计需打开模块;
index index.html index.htm;
proxy_pass http://nginxtest;
#limit_conn_status 503;
#limit_conn_log_level warn;
#limit_conn limit_addr 2连接2次之后限速;
#limit_rate 150传输限制150b/s;
#limit_req_status 504;
#limit_req_log_level warn;
#limit_req zone=one;
#limit_req zone=one burst=7桶限制 nodelay非延迟处理;
#deny 192.168.1.1;
#allow 192.168.1.0/24;
#验证用户:nginx/conf/auth下:htpasswd -b -c(只第一次creat) encrypt_pass jack 123456
#auth_basic "test user pass";
#auth_basic_user_file auth/encrypt_pass;/usr/local/nginx/auth
#auth_request /auth鉴权跳转;
#return 200 "success";
#return 302 /bbs重定向;
#return http://127.0.0.1:8000/bbs;
#rewrite ^/(.*) http://127.0.0.1:81 redirect;
#rewrite /images/(.*) /pics/$1;
#if ($remote_addr = "") {}
#查看目录下文件:autoindex on;autoindex_exact_size off;autoindex_format html;autoindex_localtime off;
}
#error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
conf.d下子文件开启https:
server {
listen 89 ssl;
server_name localhost;
ssl_certificate /etc/nginx/conf.d/cert.pem;
ssl_certificate_key /etc/nginx/conf.d/private.pem;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root html;
index index.html index.htm;
#proxy_ssl_certificate ../conf.d/client.crt;
#proxy_ssl_certificate_key ../conf.d/client.key;
proxy_pass url;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}