每日归档: 2023年12月25日

发布于

多子项目工程 nginx 配置

项目部署位置:/export/Instances/cf-static-page-jkplus/runtime

子项目index位置 / 域名访问默认位置:/export/Instances/cf-static-page-jkplus/runtime/jkplus-static/index.html

server {
listen 80;
server_name cf.jr.example.com;
access_log /export/nginx/logs/cf.jr.example.com_access.log main;
error_log /export/nginx/logs/cf.jr.example.com_error.log warn;
index index.html /jkplus-static/index.html;
error_page 404 502 503 500 =301 https://cf.jr.example.com;
location / {
try_files $uri $uri/ @fallback;
root /export/Instances/cf-static-page-jkplus/runtime;
}
location @fallback {
root /export/Instances/cf-static-page-jkplus/runtime/jkplus-static;
}
}

发布于

nginx代理转发 解决跨域 url重写

location ^~ /billingOperation {
proxy_set_header Host 'billing-operation-ite.example.com';
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://billing-operation-ite.example.com/;
proxy_read_timeout 300;
expires -1;
}

1、header 配置 host 解决 跨域问题

2、proxy_pass 域名最后 + / 自动重写url,去除location包含的部分

注意:

如果写rewrite :

redirect 造成302

permanent 造成301

发布于

iptables条目示例

  • iptables -t nat -A PREROUTING -p tcp --dport 8080 -j DNAT --to-destination 11.50.49.166:8080

  • iptables -t nat -A PREROUTING -d 10.226.144.202/32 -p tcp --dport 8080 -j DNAT --to-destination 11.50.49.166:8080

  • iptables -t nat -A POSTROUTING -d 10.226.144.202/32 -p tcp --dport 8080 -j SNAT --to-source 11.50.49.166:8080

发布于

nginx.conf 标准配置

user admin admin;

worker_processes auto;

worker_cpu_affinity auto;
error_log /export/nginx/logs/nginx_error.log warn;
pid /export/nginx/logs/nginx.pid;
worker_rlimit_nofile 65535;

web_mgr addr=a.b.com port=80;

events
{
use epoll;
worker_connections 65535;
}

http
{
include mime.types;
default_type application/octet-stream;
server_tokens on;

log_format main '$scheme $http_host $remote_addr $server_addr [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" "$http_user_agent" '
'$upstream_addr '
'$upstream_response_time $request_time $http_x_forwarded_for' ' $limit_req_hit';

server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 300m;

sendfile on;
tcp_nopush on;
tcp_nodelay on;

keepalive_timeout 0;

client_body_buffer_size 2048k;
fastcgi_intercept_errors on;
client_header_timeout 180;
client_body_timeout 180;
proxy_connect_timeout 90;
proxy_read_timeout 180;
proxy_send_timeout 180;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
server_name_in_redirect off;
proxy_hide_header X-Powered-By;

gzip on;
gzip_min_length 100;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 6;

gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
# error_page 400 401 402 403 404 405 408 410 412 413 414 415 500 501 502 503 506 =

vhost_traffic_status_zone;

server {
listen 9006;
server_name 0.0.0.0;
location /status {
vhost_traffic_status_display;
vhost_traffic_status_display_format json;
}
}

include domain/*.cfg;
}