| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172 |
- user root root;
- worker_processes 2;
- worker_cpu_affinity 01 10;
- error_log logs/error.log;
- #error_log logs/error.log notice;
- #error_log logs/error.log info;
- #pid logs/nginx.pid;
- worker_rlimit_nofile 65535;
- events {
- use epoll;
- worker_connections 1024;
- }
- http {
- include mime.types;
- default_type application/octet-stream;
- #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- # '$status $body_bytes_sent "$http_referer" '
- # '"$http_user_agent" "$http_x_forwarded_for"';
- server_names_hash_bucket_size 128;
- client_header_buffer_size 32k;
- large_client_header_buffers 4 32k;
- client_max_body_size 8m;
-
- access_log on;
-
- server_tokens off;
- sendfile on;
- tcp_nopush on;
- keepalive_timeout 60;
- tcp_nodelay on;
-
- gzip on;
- gzip_min_length 1k;
- gzip_buffers 4 16k;
- gzip_http_version 1.0;
- gzip_comp_level 2;
- gzip_types text/plain application/x-javascript text/css application/xml;
- gzip_vary on;
- #limit_zone crawler $binary_remote_addr 10m;
- upstream tomcat-patrol-app { # patrol-app
- server localhost:8898;
- }
-
- upstream tomcat-patrol-web { # patrol-web
- server localhost:8899;
- }
- server {
- listen 443 ssl;
- server_name www.jxydyw.cn;
- ssl_certificate cert/www.jxydyw.cn.pem; #(证书公钥)
- ssl_certificate_key cert/www.jxydyw.cn.key; #(证书私钥)
- ssl_session_timeout 5m;
- ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.1 TLSv1.2;
- ssl_ciphers HIGH:!aNULL:!MD5;
- ssl_prefer_server_ciphers on;
- #charset koi8-r;
- #access_log logs/host.access.log main;
- add_header X-Frame-Options DENY;
- add_header X-Content-Type-Options nosniff;
- add_header X-Xss-Protection 1;
- # 后端小程序接口网关 /patrol-app 开头代理到 tomcat-patrol-app
- location ^~ /patrol-app/ {
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_pass http://tomcat-patrol-app/;
- }
- # 后端接口网关 /patrol-web 开头代理到 tomcat-patrol-web
- location ^~ /patrol-web/ {
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_pass http://tomcat-patrol-web/;
- }
- # 静态资源
- location ^~ /media {
- root /data/patrol;
- }
- # 静态资源
- location ^~ /doc {
- root /data/patrol;
- }
-
- # 需要鉴权的资源
- location ^~ /mysql { # --with-http_auth_request_module
- auth_request /auth-proxy;
- add_header Access-Control-Allow-Origin * always;
- add_header Access-Control-Allow-Headers *;
- add_header Access-Control-Allow-Methods *;
- if ($request_method = 'OPTIONS') {
- return 204;
- }
- root /data/patrol;
- }
- # 授权校验
- location /auth-proxy {
- internal;
- proxy_pass_request_body off; # 不转发body给鉴权
- proxy_set_header Content-Length ""; # 不转发body给鉴权
- proxy_pass "http://localhost:8899/v1/system/user/check/authorize"; # 鉴权地址
- }
- # 二维码校验文件
- location ^~ /exitwritoff/TPYHrCL8Dl.txt {
- root /usr/local/patrol/code-verify;
- }
- # 二维码校验文件
- location ^~ /visited/TPYHrCL8Dl.txt {
- root /usr/local/patrol/code-verify;
- }
- # 二维码校验文件
- location ^~ /register/TPYHrCL8Dl.txt {
- root /usr/local/patrol/code-verify;
- }
- # 管理端web
- location ^~ / {
- alias /usr/local/patrol/manage-web/;
- index index.html;
- try_files $uri $uri/ /index.html;
- }
- location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|ico)$ {
- expires 30d;
- }
-
- location ~ .*\.(js|css)?$ {
- expires 15d;
- }
- # redirect server error pages to the static page /50x.html
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root html;
- }
- }
- server
- {
- listen 80; # 监听端口
- server_name www.jxydyw.cn; # 域名
-
- location / {
- return 301 https://www.jxydyw.cn$request_uri; # 重定向
- }
- }
- }
|