Gauss Boot

Appearance

Nginx 常见配置

四层代理

四层代理主要工作于OSI模型中的传输层,传输层主要处理消息的传递,而不管消息的内容。TCP就是常见的四层协议。 四层代理主要用于端口转发等。

带有负载的端口转发配置

下面例子是一个带有负载的443和80端口转发

events {}

stream {
  upstream k3s_ssl {
    server 10.108.132.61:443;
    server 10.108.132.62:443;
  }
  upstream k3s_http {
    server 10.108.132.61:80;
    server 10.108.132.62:80;
  }



  server {
    listen 443;
    proxy_pass k3s_ssl;
  }
  server {
    listen 80;
    proxy_pass k3s_http;
  }

}

七层代理

重定向

可以指定任意路径跳转到指定路径

server {
    listen       80;
    listen  [::]:80;
    client_max_body_size 100m;
    server_name  localhost;

    location / {
        rewrite ^(.*) https://cloud-api-inner.tineco.com/ntlmv2/sso redirect;
    }
}

静态缓存加速

对于某些前端页面,可以使用缓存来加速加载,类似于cdn

proxy_cache_path /tmp/cache levels=1:2 keys_zone=mycache:100m max_size=1g;

server {
    listen       80;
    listen  [::]:80;
    client_max_body_size 100m;
    server_name  localhost;

    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        proxy_ssl_server_name on;
        proxy_ssl_name $host;
        proxy_http_version 1.1;
        keepalive_timeout 0;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Client-IP $proxy_add_x_forwarded_for;
        proxy_pass https://10.108.113.10;
    }
    # 开启缓存
    location ~ .*\.(eot|ttf|ttc|woff|gif|jpg|jpeg|bmp|png|ico|js|css)$ {
        proxy_ssl_server_name on;
        proxy_ssl_name $host;
        proxy_http_version 1.1;
        keepalive_timeout 0;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Client-IP $proxy_add_x_forwarded_for;
        proxy_cache mycache;
        proxy_cache_valid 200 302 5m;
        add_header cache $upstream_cache_status;
        proxy_pass https://10.108.113.10;
    }
}

websocket配置 

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

upstream websocket {
    server localhost:8282; # appserver_ip:ws_port
}

server {
     server_name localhost;
     listen 80;
     location / {
         proxy_pass http://websocket;
         proxy_read_timeout 300s;
         proxy_send_timeout 300s;

         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection $connection_upgrade;
     }
}