user nginx;
worker_processes 8;
error_log /var/log/nginxerror.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
#include /usr/share/nginx/modules/*.conf;
#优化Nginx并发量
#worker_processes 8; #与CPU核心数量一致
events {
worker_connections 1024; #每个worker最大并发连接数
}
http {
#隐藏具体的版本号
server_tokens off;
#对页面进行压缩处理
#gzip on; #开启压缩
#gzip_min_length 1000; #小文件不压缩
#gzip_comp_level 4; #压缩比率
#对特定文件压缩,类型参考mime.types
#gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
#服务器内存缓存,处理大量静态文件,可以将文件缓存在内存
#设置服务器最大缓存2000个文件句柄,关闭20秒内无请求的文件句柄
#文件句柄的有效时间是60秒,60秒后过期
#只有访问次数超过5次会被缓存
#open_file_cache max=2000 inactive=20s;
#open_file_cache_valid 60s;
#open_file_cache_min_uses 5;
#open_file_cache_errors off;
#防止buffer溢出
client_body_buffer_size 1K;
client_max_body_size 1M;
#优化Nginx数据包头缓存
client_header_buffer_size 1k; #默认请求包头信息的缓存
large_client_header_buffers 4 4k; #大请求包头部信息的缓存个数与容量
#限制并发量
#将客户端IP信息存储名称为one的共享内存,内存空间为10M
#10M可以存储8万个主机连接的状态,容量可以根据需要任意调整
#每秒中仅接受1个请求,多余的放入漏斗
limit_req_zone $binary_remote_addr zone=one:10m rate=10r/s;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginxaccess.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /data/nginx/conf/mime.types;
#default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
#include /etc/nginx/conf.d/*.conf;
server {
listen 44444 ssl;
server_name localhost;
ssl_certificate "/data/nginx/ssl/nginx.crt";
ssl_certificate_key "/data/nginx/ssl/nginx_nopass.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#nginx关闭WebDav,只放通GET和POST,放置于server中
#!~* 不区分大小写不匹配
if ($request_method !~* GET|POST) {
return 403;
}
#防止该网站页面被其他网站嵌套
add_header X-Frame-Options "SAMEORIGIN";
#同上限制并发量,漏斗为20
limit_req zone=one burst=20;
#charset koi8-r;
#access_log logs/host.access.log main;
location /api {
rewrite ^.+api/?(.*)$ /$1 break;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' '*';
proxy_pass http://192.168.1.111:8100/; #代理的域名
}
location / {
root html/mobile/dist;
index index.html index.htm;
}
#浏览器本地缓存静态数据
#location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
# expires 30d; #定义客户端缓存时间为30天
#}
}
server {
listen 33333 ssl;
server_name localhost;
ssl_certificate "/data/nginx/ssl/nginx.crt";
ssl_certificate_key "/data/nginx/ssl/nginx_nopass.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#nginx关闭WebDav,只放通GET和POST,放置于server中
#!~* 不区分大小写不匹配
if ($request_method !~* GET|POST) {
return 403;
}
#防止该网站页面被其他网站嵌套
add_header X-Frame-Options "SAMEORIGIN";
#同上限制并发量,漏斗为20
limit_req zone=one burst=20;
#charset koi8-r;
#access_log logs/host.access.log main;
location /api {
rewrite ^.+api/?(.*)$ /$1 break;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' '*';
proxy_pass proxy_pass http://192.168.1.222:8100/; #代理的域名
}
location / {
root html/vueswiftops/dist;
try_files $uri $uri/ @router; # 配置使用路由
index index.html index.htm;
}
# 路由配置信息
location @router {
rewrite ^.*$ /index.html last; #接收到截取的url 并按一定规则重写rul和vue路由跳转
}
}
}