|
|
@ -0,0 +1,138 @@
|
|
|
|
|
|
|
|
proxy_cache_path /www/wwwroot/192.168.153.165/proxy_cache_dir levels=1:2 keys_zone=192_168_153_165_cache:20m inactive=1d max_size=5g;
|
|
|
|
|
|
|
|
# 可设置server|upstream|map等所有http字段,如:
|
|
|
|
|
|
|
|
# server {
|
|
|
|
|
|
|
|
# listen 10086;
|
|
|
|
|
|
|
|
# server_name ...
|
|
|
|
|
|
|
|
# }
|
|
|
|
|
|
|
|
# upstream stream_ser {
|
|
|
|
|
|
|
|
# server back_test.com;
|
|
|
|
|
|
|
|
# server ...
|
|
|
|
|
|
|
|
# }
|
|
|
|
|
|
|
|
# 如果反代网站访问异常且这里已经配置了内容,请优先排查此处的配置是否正确
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
upstream backend_servers {
|
|
|
|
|
|
|
|
server 192.168.61.165:5000;
|
|
|
|
|
|
|
|
server 192.168.61.135:5000;
|
|
|
|
|
|
|
|
server 192.168.61.136:5000;
|
|
|
|
|
|
|
|
# 如果有其他服务器,可以添加在这里
|
|
|
|
|
|
|
|
# server another_backend.example.com:5000;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
|
|
|
listen 80;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
listen [::]:80;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
server_name 192.168.61.165;
|
|
|
|
|
|
|
|
index index.php index.html index.htm default.php default.htm default.html;
|
|
|
|
|
|
|
|
root /www/wwwroot/192.168.153.165;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#CERT-APPLY-CHECK--START
|
|
|
|
|
|
|
|
# 用于SSL证书申请时的文件验证相关配置 -- 请勿删除
|
|
|
|
|
|
|
|
include /www/server/panel/vhost/nginx/well-known/192.168.153.165.conf;
|
|
|
|
|
|
|
|
#CERT-APPLY-CHECK--END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
|
|
|
|
|
|
|
|
#error_page 404/404.html;
|
|
|
|
|
|
|
|
#SSL-END
|
|
|
|
|
|
|
|
#REDIRECT START
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#REDIRECT END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#ERROR-PAGE-START 错误页配置,可以注释、删除或修改
|
|
|
|
|
|
|
|
#error_page 404 /404.html;
|
|
|
|
|
|
|
|
#error_page 502 /502.html;
|
|
|
|
|
|
|
|
#ERROR-PAGE-END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#PHP-INFO-START PHP引用配置,可以注释或修改
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
include enable-php-00.conf;
|
|
|
|
|
|
|
|
#PHP-INFO-END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#IP-RESTRICT-START 限制访问ip的配置,IP黑白名单
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#IP-RESTRICT-END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#BASICAUTH START
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#BASICAUTH END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#SUB_FILTER START
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#SUB_FILTER END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#GZIP START
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#GZIP END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#GLOBAL-CACHE START
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#GLOBAL-CACHE END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#WEBSOCKET-SUPPORT START
|
|
|
|
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
|
|
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
|
|
|
|
|
|
proxy_set_header Connection $connection_upgrade;
|
|
|
|
|
|
|
|
#WEBSOCKET-SUPPORT END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#PROXY-CONF-START
|
|
|
|
|
|
|
|
location ^~ / {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
proxy_pass http://backend_servers;
|
|
|
|
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
|
|
|
|
proxy_set_header X-Real-Port $remote_port;
|
|
|
|
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
|
|
|
|
proxy_set_header REMOTE-HOST $remote_addr;
|
|
|
|
|
|
|
|
proxy_connect_timeout 60s;
|
|
|
|
|
|
|
|
proxy_send_timeout 600s;
|
|
|
|
|
|
|
|
proxy_read_timeout 600s;
|
|
|
|
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
|
|
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
|
|
|
|
|
|
proxy_set_header Connection $connection_upgrade;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#PROXY-CONF-END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#SERVER-BLOCK START
|
|
|
|
|
|
|
|
# 可设置server|location等所有server字段,如:
|
|
|
|
|
|
|
|
# location /web {
|
|
|
|
|
|
|
|
# try_files $uri $uri/ /index.php$is_args$args;
|
|
|
|
|
|
|
|
# }
|
|
|
|
|
|
|
|
# error_page 404 /diy_404.html;
|
|
|
|
|
|
|
|
# 如果反代网站访问异常且这里已经配置了内容,请优先排查此处的配置是否正确
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
location /static{
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
alias /www/python/yunwei/yunwei/static;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
#SERVER-BLOCK END
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#禁止访问的文件或目录
|
|
|
|
|
|
|
|
location ~ ^/(\.user.ini|\.htaccess|\.git|\.env|\.svn|\.project|LICENSE|README.md)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
return 404;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#一键申请SSL证书验证目录相关设置
|
|
|
|
|
|
|
|
location /.well-known{
|
|
|
|
|
|
|
|
allow all;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#禁止在证书验证目录放入敏感文件
|
|
|
|
|
|
|
|
if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
|
|
|
|
|
|
|
|
return 403;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#LOG START
|
|
|
|
|
|
|
|
access_log /www/wwwlogs/192.168.153.165.log;
|
|
|
|
|
|
|
|
error_log /www/wwwlogs/192.168.153.165.error.log;
|
|
|
|
|
|
|
|
#LOG END
|
|
|
|
|
|
|
|
}
|