标签:bucket oct star min log ble 白名单 app uwsgi
一、nginx.conf的配置方式,创建新vhost
user nginx; worker_processes 4; worker_cpu_affinity 00000001 00000010 00000100 00001000; worker_rlimit_nofile 204800; pid /var/run/nginx.pid; events { worker_connections 204800; use epoll; multi_accept off; } http { include /usr/local/nginx/conf/mime.types; default_type application/octet-stream; log_format main ‘$remote_addr --- $remote_user --- [$time_local] --- $request --- ‘ ‘"$status" --- $body_bytes_sent --- "$http_referer" --- ‘ ‘"$http_user_agent" --- "$http_x_forwarded_for"‘; log_format mtr ‘$remote_addr [$time_local] "$request_uri" ‘ ‘$status "$http_referer" ‘ ‘"$http_user_agent" "$host"‘; sendfile on; keepalive_timeout 30; client_header_timeout 30; client_body_timeout 40; server_tokens off; tcp_nodelay on; gzip on; include /usr/local/nginx/conf/vhost/*.conf; fastcgi_send_timeout 300; fastcgi_read_timeout 300; #fastcgi_buffer_size 16k; #fastcgi_buffers 16 16k; #fastcgi_busy_buffers_size 16k; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; server_names_hash_bucket_size 128; client_header_buffer_size 2k; large_client_header_buffers 4 4k; client_max_body_size 100k; open_file_cache max=51200 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; }
之后新的服务写入vhost文件夹
二、配置nginx需要的服务
1)对html服务的配置(只包含html,js,png文件)
server { listen 800; server_name 127.0.0.1; #server_name sch5.com.cn; access_log /var/log/nginx/sch5.com.cn_access.log main; error_log /var/log/nginx/sch5.talkweb.com.cn_error.log; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real_IP $remote_addr; disable_symlinks off; location / { root /opt/wwwroot/; index index.php index.html index.htm; } location /nginx_status { #stub_status on; allow 127.0.0.1; deny all; } }
2) 对django项目的配置
server { listen 888; server_name localhost; access_log /data/log/nginx/myjumpserver_access.log main; error_log /data/log/nginx/myjumpserver_error.log; location / { uwsgi_pass 192.168.10.55:8888; include uwsgi_params; } # django项目文件, MyJumpserver,静态资源这里加载 location /static { alias /opt/wwwroot/MyJumpserver/static/; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } # 访问localhost:80 ===>192.168.10.13:8888(uwsgi服务提供的)
3)对django项目后台管理的配置
server { listen 8000; server_name localhost; access_log /data/log/nginx/pvzstar_access.log main; error_log /data/log/nginx/pvzstar_error.log; location / { uwsgi_pass 192.168.2.155:8888; include uwsgi_params; } # django项目文件, MyJumpserver,静态资源这里加载 location /static { alias /usr/local/python3/lib/python3.6/site-packages/django/contrib/admin/static/; } # redirect server error pages to the static page /50x.html error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
4)配置php项目
server { listen 80; server_name test.php.com; #server_name 192.168.2.41; access_log /data/log/nginx/test.php_access.log main; error_log /data/log/nginx/test.php_error.log; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real_IP $remote_addr; location / { root /opt/wwwroot/test.php.com.cn/; index index.php index.html index.htm; } location /nginx_status { stub_status on; allow 127.0.0.1; deny all; } error_page 404 /404.html; location = /404.html { root /usr/share/nginx/html; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } location ~ .*\.php$ { fastcgi_pass 127.0.0.1:9000; #fastcgi_pass UNIX:/tmp/php-cgi.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /opt/wwwroot/test.php.com.cn$fastcgi_script_name; include fastcgi_params; if ( $fastcgi_script_name ~ \..*\/.*php ) { return 403; } } }
5) nginx配置zabbix服务
#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include /opt/lnmp_zabbix/nginx/conf/mime.types; default_type application/octet-stream; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 89; server_name localhost; #access_log /opt/lnmp_zabbix/nginx/log/zabbix.log main; index index.html index.php index.html; root /opt/wwwroot/zabbix; location / { try_files $uri $uri/ /index.php?$args; } location ~ ^(.+.php)(.*)$ { fastcgi_split_path_info ^(.+.php)(.*)$; include fastcgi.conf; fastcgi_pass 127.0.0.1:9001; fastcgi_index index.php; fastcgi_param PATH_INFO $fastcgi_path_info; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }
6) 查看nginx的连接状态
server { listen 8080 default; location /nginx_status { stub_status on; allow 127.0.0.1; deny all; } location /{ return 403; } }
三、nginx作为代理服务
1)代理tcp协议
user nginx; worker_processes 4; worker_cpu_affinity 00000001 00000010 00000100 00001000; worker_rlimit_nofile 204800; pid /var/run/nginx.pid; events { worker_connections 204800; use epoll; multi_accept off; } http { include /opt/lnmp_zabbix/nginx/conf/mime.types; default_type application/octet-stream; log_format main ‘$remote_addr --- $remote_user --- [$time_local] --- $request --- ‘ ‘"$status" --- $body_bytes_sent --- "$http_referer" --- ‘ ‘"$http_user_agent" --- "$http_x_forwarded_for"‘; log_format mtr ‘$remote_addr [$time_local] "$request_uri" ‘ ‘$status "$http_referer" ‘ ‘"$http_user_agent" "$host"‘; sendfile on; keepalive_timeout 30; client_header_timeout 30; client_body_timeout 40; server_tokens off; tcp_nodelay on; gzip on; include /opt/lnmp_zabbix/nginx/conf/vhost/*.conf; fastcgi_send_timeout 300; fastcgi_read_timeout 300; #fastcgi_buffer_size 16k; #fastcgi_buffers 16 16k; #fastcgi_busy_buffers_size 16k; fastcgi_buffer_size 64k; fastcgi_buffers 4 64k; fastcgi_busy_buffers_size 128k; server_names_hash_bucket_size 128; client_header_buffer_size 2k; large_client_header_buffers 4 4k; client_max_body_size 100k; open_file_cache max=51200 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; } stream { upstream cloudsocket { hash $remote_addr consistent; # $binary_remote_addr; server 192.168.0.12:3306 weight=5 max_fails=3 fail_timeout=30s; } server { listen 80;#数据库服务器监听端口 proxy_connect_timeout 10s; proxy_timeout 300s;#设置客户端和代理服务之间的超时时间,如果5分钟内没操作将自动断开。 proxy_pass cloudsocket; } }
2.1)代理http服务
server { listen 10051; server_name 110.110.110.110; charset utf8; location / { proxy_pass http://192.168.1.222; } }
2.2) 代理http的更多参数优化
upstream 192.168.1.29 { server 192.168.1.25:80; } server { listen 80; server_name 192.168.1.29; charset utf8; location / { proxy_pass http://192.168.1.29; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
2.3) 代理http服务, 加入白名单
server { listen 80; server_name 192.168.2.95; access_log /opt/lnmp_zabbix/nginx/log/zabbix2.log main; error_log /opt/lnmp_zabbix/nginx/log/zabbix_error2.log crit; charset utf8; location / { allow 192.168.2.5; # 代理服务下,只有这个ip可以去访问 192.168.2.95:80 proxy_pass http://192.168.2.90:89; deny all; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
3) 实现nginx的负载均衡
upstream 192.168.1.29 { server 192.168.1.25:80; server 192.168.1.26:80; } server { listen 80; server_name 192.168.1.29; charset utf8; location / { proxy_pass http://192.168.1.29; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
4)网络代理。现象:有2台互通的机器,但是有一台有网络,有一台,没有网络,因为没有dns,如何让没有网络的机器能使用yum源
server { resolver 192.168.10.1 192.168.2.1; # dns resolver_timeout 5s; listen 8000; server_name 0.0.0.0; access_log /data/log/nginx/myjumpserver_access.log main; error_log /data/log/nginx/myjumpserver_error.log; location / { proxy_pass $scheme://$host$request_uri; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $Host; proxy_set_header X-Forwarder-For $Host; proxy_buffering on; proxy_max_temp_file_size 0; proxy_cache_valid 200 320 10m; proxy_cache_valid 301 1h; proxy_cache_valid any 1m; # include /data/app/nginx/conf/proxy.conf; } }
标签:bucket oct star min log ble 白名单 app uwsgi
原文地址:https://www.cnblogs.com/linu/p/10430197.html
