diff --git a/Nginx.py b/Nginx.py new file mode 100644 index 0000000..196a76a --- /dev/null +++ b/Nginx.py @@ -0,0 +1,138 @@ +proxy_cache_path /www/wwwroot/192.168.153.165/proxy_cache_dir levels=1:2 keys_zone=192_168_153_165_cache:20m inactive=1d max_size=5g; +# 可设置server|upstream|map等所有http字段,如: +# server { +# listen 10086; +# server_name ... +# } +# upstream stream_ser { +# server back_test.com; +# server ... +# } +# 如果反代网站访问异常且这里已经配置了内容,请优先排查此处的配置是否正确 + +upstream backend_servers { + server 192.168.61.165:5000; + server 192.168.61.135:5000; + server 192.168.61.136:5000; + # 如果有其他服务器,可以添加在这里 + # server another_backend.example.com:5000; +} +server { + listen 80; + +listen [::]:80; + + server_name 192.168.61.165; + index index.php index.html index.htm default.php default.htm default.html; + root /www/wwwroot/192.168.153.165; + + #CERT-APPLY-CHECK--START + # 用于SSL证书申请时的文件验证相关配置 -- 请勿删除 + include /www/server/panel/vhost/nginx/well-known/192.168.153.165.conf; + #CERT-APPLY-CHECK--END + + #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则 + #error_page 404/404.html; + #SSL-END + #REDIRECT START + + #REDIRECT END + + #ERROR-PAGE-START 错误页配置,可以注释、删除或修改 + #error_page 404 /404.html; + #error_page 502 /502.html; + #ERROR-PAGE-END + + #PHP-INFO-START PHP引用配置,可以注释或修改 + + include enable-php-00.conf; + #PHP-INFO-END + + #IP-RESTRICT-START 限制访问ip的配置,IP黑白名单 + + + #IP-RESTRICT-END + + #BASICAUTH START + + #BASICAUTH END + + #SUB_FILTER START + + #SUB_FILTER END + + #GZIP START + + #GZIP END + + #GLOBAL-CACHE START + + #GLOBAL-CACHE END + + #WEBSOCKET-SUPPORT START + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + #WEBSOCKET-SUPPORT END + + #PROXY-CONF-START + location ^~ / { + + + proxy_pass http://backend_servers; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Real-Port $remote_port; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header REMOTE-HOST $remote_addr; + proxy_connect_timeout 60s; + proxy_send_timeout 600s; + proxy_read_timeout 600s; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + + + + + + } + + #PROXY-CONF-END + + #SERVER-BLOCK START + # 可设置server|location等所有server字段,如: +# location /web { +# try_files $uri $uri/ /index.php$is_args$args; +# } +# error_page 404 /diy_404.html; +# 如果反代网站访问异常且这里已经配置了内容,请优先排查此处的配置是否正确 + +location /static{ + +alias /www/python/yunwei/yunwei/static; + +} + #SERVER-BLOCK END + + #禁止访问的文件或目录 + location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md) + { + return 404; + } + + #一键申请SSL证书验证目录相关设置 + location /.well-known{ + allow all; + } + + #禁止在证书验证目录放入敏感文件 + if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) { + return 403; + } + + #LOG START + access_log /www/wwwlogs/192.168.153.165.log; + error_log /www/wwwlogs/192.168.153.165.error.log; + #LOG END +} \ No newline at end of file diff --git a/README.docx b/README.docx new file mode 100644 index 0000000..b88fb06 Binary files /dev/null and b/README.docx differ