标签:cer ESS command _for server ECDHE break 方式 keepalive
server {
server_name hanye-jenkins.hanye.net;
access_log /data/wwwlogs/jenkins-web.access.log ;
error_log /data/wwwlogs/jenkins-web.error.log;
listen 443 ssl;
ssl_certificate /usr/local/nginx/conf/ssl/hanye.net.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl/hanye.net.key;
ssl_session_timeout 10m;
ssl_buffer_size 64k;
ssl_session_cache shared:SSL:10m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_redirect default;
#proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
#this is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 120;
proxy_send_timeout 120;
proxy_read_timeout 120;
proxy_buffering off;
proxy_request_buffering off; # Required for HTTP CLI commands in Jenkins > 2.54
proxy_set_header Connection ""; # Clear for keepalive
}
location /oss {
expires 3d;
rewrite /(.+)$ /$1 break;
proxy_pass https://fangx.oss-cn-shenzhen.aliyuncs.com/fangx/source/ZPMOQ2xjSwmBvNB1scM7JYwAgqCJvueKYlWbjlsu.png;
}
}
server {
server_name hanye-es.hanye.net;
access_log /data/wwwlogs/es-web.access.log ;
error_log /data/wwwlogs/es-web.error.log;
listen 443 ssl;
auth_basic "Nginx";
auth_basic_user_file /usr/local/nginx/conf/passwd;
autoindex on;
ssl_certificate /usr/local/nginx/conf/ssl/hanye.net.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl/hanye.net.key;
ssl_session_timeout 10m;
ssl_buffer_size 64k;
ssl_session_cache shared:SSL:10m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://10.0.109.17:5601;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_max_temp_file_size 0;
#this is the maximum upload size
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 120;
proxy_send_timeout 120;
proxy_read_timeout 120;
proxy_buffering off;
proxy_request_buffering off; # Required for HTTP CLI commands in Jenkins > 2.54
proxy_set_header Connection ""; # Clear for keepalive
}
}
标签:cer ESS command _for server ECDHE break 方式 keepalive
原文地址:https://blog.51cto.com/9025736/2441913