一个https域名访问多种服务器
场景:只有一个https域名,需要可以同时访问接口服务器和静态文件服务器
https代理服务器的配置
server {
listen 443 ssl;
server_name proxy.xx.cn;
error_log logs/error-ssl.log;
access_log off;
ssl_certificate /usr/local/nginx/nginx/ssl/proxy.xx.cn.pem;
ssl_certificate_key /usr/local/nginx/nginx/ssl/proxy.xx.cn.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
add_header Access-Control-Allow-Origin *;
location /h5 {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://h5.xx.cn;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://api.xx.cn;
}
}
h5.xx.cn 静态文件服务器的配置
server {
listen 80;
server_name h5.xx.cn;
access_log off;
root /data/vhosts/xx.cn/h5;
index index.php;
ssi on;
ssi_silent_errors on;
ssi_types text/shtml;
expires -1;
rewrite "/h5/(.*)" /$1 last;
}
api.xx.cn 静态文件服务器的配置
server {
listen 80;
server_name api.xx.cn;
error_log logs/error-api.log;
access_log off;
root /data/vhosts/xx.cn/php;
index index.php;
ssi on;
ssi_silent_errors on;
ssi_types text/shtml;
expires -1;
chunked_transfer_encoding off;
client_max_body_size 300m;
location ~ \.php$ {
fastcgi_pass biz_php_upstream;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 128k;
fastcgi_buffers 32 16k;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
rewrite "/api(.*)" /api.php$1 last;
}
访问H5方式: https://proxy.xx.cn/h5/img/a.jpg
相当于访问: http://h5.xx.cn/img/a.jpg