1、web机器配置nginx文件
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 80; server_name 192.168.1.75; root /data/web/wordpress; index index.html index.htm index.php; listen 443; server_name 192.168.1.75; ssl on; ssl_certificate /usr/local/nginx/conf/ssl/2018/server.cer; ssl_certificate_key /usr/local/nginx/conf/ssl/2018/server.key; ssl_session_timeout 5m; ssl_session_cache shared:SSL:1m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { root /data/web/wordpress; index index.html index.htm index.php; } location ~ \.php$ { root /data/web/wordpress; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } }
nginx反向代理配置
worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; server { listen 80; server_name 192.168.1.78; rewrite ^(.*) https://192.168.1.78$1 permanent; } server { listen 443; access_log logs/quancha.access.log; error_log logs/quancha.error.log; index index.html index.htm index.php; ssl on; ssl_certificate /usr/local/nginx/conf/ssl/2018/server.cer; ssl_certificate_key /usr/local/nginx/conf/ssl/2018/server.key; ssl_session_timeout 5m; ssl_session_cache shared:SSL:1m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { proxy_pass https://192.168.1.75; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_max_temp_file_size 0; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; } } }