efc
/
main-web
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
main-web/bak/nginx.conf

213 lines
6.7 KiB
Nginx Configuration File
Raw Permalink Normal View History

init
2024-03-14 03:30:18 +00:00
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
add_header X-Frame-Options SAMEORIGIN always;
client_max_body_size 20m;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
# include /etc/nginx/conf.d/*.conf;
upstream gateways {
least_conn;
server cmp-10-20-12-56:8000;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
#gzip_http_version 1.0;
gzip_comp_level 7;
gzip_types text/plain application/javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
gzip_vary off;
gzip_disable "MSIE [1-6]\.";
server {
listen 60003 ssl;
server_name localhost;
ssl_certificate /etc/nginx/bocloud.crt;
ssl_certificate_key /etc/nginx/bocloud.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
keepalive_timeout 60;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods *;
add_header Access-Control-Allow-Headers *;
location / {
root /opt/cmp/consoles/cos-web/;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location ~^/(cmp-web|cms-web|scr-web|sms-web|cop-web|web-common-resource) {
root /opt/cmp/consoles/;
index index.html index.htm;
try_files $uri $uri/ /$1/index.html;
}
location /api {
proxy_pass http://gateways;
proxy_connect_timeout 20;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_pass_header X-XSRF-TOKEN;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header Connection "upgrade";
}
location /attachment {
root /home/cmp/;
}
location /config-files {
root /home/cmp/;
}
}
server {
listen 60006 ssl;
server_name localhost;
ssl_certificate /etc/nginx/bocloud.crt;
ssl_certificate_key /etc/nginx/bocloud.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
keepalive_timeout 60;
location / {
root /opt/cmp/consoles/main-web/;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location ~^/(cmp-web|cms-web|scr-web|sms-web|cop-web)\/(fonts|static\/img) {
proxy_pass https://127.0.0.1:60003;
}
location /web-common-resource {
proxy_pass https://127.0.0.1:60003;
}
location /api/terminal {
proxy_pass https://$arg_real_host;
proxy_connect_timeout 60;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_pass_header X-XSRF-TOKEN;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header Connection "upgrade";
rewrite "^/api/terminal/(.*)$" /$1 break;
}
location /api {
proxy_pass http://gateways;
proxy_connect_timeout 20;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_pass_header X-XSRF-TOKEN;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header Connection "upgrade";
}
location /attachment {
root /home/cmp/;
}
location /config-files {
root /home/cmp/;
}
}
server {
listen 60008 ssl;
server_name localhost;
root /opt/cmp/consoles/csc-web/;
ssl_certificate /etc/nginx/bocloud.crt;
ssl_certificate_key /etc/nginx/bocloud.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
keepalive_timeout 60;
location / {
root /opt/cmp/consoles/csc-web/;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://gateways;
proxy_connect_timeout 60;
proxy_http_version 1.1;
proxy_pass_header X-XSRF-TOKEN;
proxy_redirect http:// https://;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header Connection "upgrade";
}
location /web-common-resource {
proxy_pass https://127.0.0.1:60003;
}
location /ticket {
proxy_pass https://$arg_host;
proxy_connect_timeout 60;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_pass_header X-XSRF-TOKEN;
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header Connection "upgrade";
}
location /attachment {
root /home/cmp/;
}
location /config-files {
root /home/cmp/;
}
}
}
stream {
upstream mon {
least_conn;
server cmp-10-20-12-56:162;
}
server {
listen 1162 udp reuseport;
proxy_pass mon;
proxy_timeout 1m;
proxy_connect_timeout 60s;
}
}