ICode9

精准搜索请尝试: 精确搜索
首页 > 系统相关> 文章详细

nginx映射一个域名和多个域名进行不同配置

2021-12-21 14:33:58  阅读:119  来源: 互联网

标签:set http 映射 header 域名 nginx xx proxy ssl


主配置文件

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    #总文件限制大小
    client_max_body_size 500m; #文件限制500M
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

单独的server  一个域名映射多个地址

server {
	listen 443 ssl; #监听443端口 并开启ssl加密
	server_name int.xxxx.com; #自定义名字 一般使用域名或者localhost
	#ssl on;
	ssl_certificate  /etc/nginx/cert/5402925__xxxx.com.pem; #需要将cert-file-name.pem替换成已上传的证书文件的名称。
	ssl_certificate_key  /etc/nginx/cert/5402925__xxxx.com.key; #需要将cert-file-name.key替换成已上传的证书密钥文件的名称。
	ssl_session_timeout 5m;  #设置时间
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;#SSLv2 SSLv3 TLSv1
	ssl_prefer_server_ciphers on;
	#访问除了下面配置的所有路径都直接访问这个地址
#平台登陆地址
	location / {
		root /web/webroot/;
		index index.html;
		try_files $uri $uri/ @router;
		index index.html index.htm;
		
	}
#访问域名+ rabbitmq 自动跳转proxy_pass配置的地址
#rabbitmq后台登陆地址
	location /rabbitmq/ {
		proxy_pass  http://xx.xx.xx.xx:8080/;
		proxy_redirect default;  
		#proxy_set_header Host $host:$server_port;
		#proxy_set_header  X-Real-IP $remote_addr;
		#proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_http_version 1.1;  
        proxy_set_header Upgrade $http_upgrade;  
        proxy_set_header Connection "Upgrade"; 
	}
#访问域名+ amqp自动跳转proxy_pass配置的地址
#qmqp协议访问的地址
	location /amqp/ {
		proxy_pass  http://xx.xx.xx.xx:8080/;
		proxy_http_version 1.1;  
        proxy_set_header Upgrade $http_upgrade;  
        proxy_set_header Connection "Upgrade"; 
		#proxy_redirect default;  
		#proxy_set_header Host $host:$server_port;
		#proxy_set_header  X-Real-IP $remote_addr;
		#proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
	}
#访问域名+ mqtt自动跳转proxy_pass配置的地址
#mqtt协议访问地址
	location /mqtt/ {
		proxy_pass  http://xx.xx.xx.xx:8080/;
		proxy_http_version 1.1;  
        proxy_set_header Upgrade $http_upgrade;  
        proxy_set_header Connection "Upgrade"; 
	}
	#minio 访问
	location /minio/ {
		proxy_pass  http://xx.xx.xx.xx:8080/;
		proxy_http_version 1.1;  
        proxy_set_header Upgrade $http_upgrade;  
        proxy_set_header Connection "Upgrade"; 
	}
	#minio 访问
	location /minioweb/ {
		proxy_pass  http://xx.xx.xx.xx:8080/minio/;
		proxy_http_version 1.1;  
        proxy_set_header Upgrade $http_upgrade;  
        proxy_set_header Connection "Upgrade"; 
	}
	#gateway 访问
	location /gateway-phone/ {
		proxy_pass  http://xx.xx.xx.xx:8080/;
		proxy_http_version 1.1;  
        proxy_set_header Upgrade $http_upgrade;  
        proxy_set_header Connection "Upgrade"; 
	}
	#gateway-phone 访问
	location /gateway/ {
		proxy_pass  http://xx.xx.xx.xx:8080/;
		proxy_http_version 1.1;  
        proxy_set_header Upgrade $http_upgrade;  
        proxy_set_header Connection "Upgrade"; 
	}
	#apk 访问
	location /apk/ {
	  alias /intelctrl-web/apk/;
	  sendfile on;
	  autoindex on;  # 开启目录文件列表
	  autoindex_exact_size on;  # 显示出文件的确切大小,单位是bytes
	  autoindex_localtime on;  # 显示的文件时间为文件的服务器时间
	  charset utf-8,gbk;  # 避免中文乱码
	}
	
	location @router {
       rewrite "^.*$" /index.html last;
    }
}	
#如果访问6139直接重定向到https上
#docker需要映射出此端口号
server {
    listen 6139;
    server_name int.xxxx.com;
    rewrite  "^.*$" https://$server_name$1 permanent; #注意正则 一定要正确
}

增加一个域名单独映射minio或其他

server {
	listen 443 ssl; #监听443端口 并开启ssl加密
	server_name minio.xxxxx.com; #自定义名字 一般使用域名或者localhost
	#ssl on;
	ssl_certificate  /etc/nginx/cert/5402925__xx.com.pem; #需要将cert-file-name.pem替换成已上传的证书文件的名称。
	ssl_certificate_key  /etc/nginx/cert/5402925__xx.com.key; #需要将cert-file-name.key替换成已上传的证书密钥文件的名称。
	ssl_session_timeout 5m;  #设置时间
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;#SSLv2 SSLv3 TLSv1
	ssl_prefer_server_ciphers on;
	client_max_body_size 500m; #文件限制500M
	#访问除了下面配置的所有路径都直接访问这个地址
#平台登陆地址
	location / {
		proxy_pass  http://xx.xx.xx.xx:9001;
		proxy_http_version 1.1;  
        		#proxy_set_header Upgrade $http_upgrade;  
        		proxy_set_header Connection "Upgrade"; 
		proxy_set_header Host $http_host;
	}

	location @router {
    		rewrite "^.*$" https://minio.xxxxx.com$1 last;#注意正则 一定要正确
    }
}	

标签:set,http,映射,header,域名,nginx,xx,proxy,ssl
来源: https://blog.csdn.net/qq_35702394/article/details/122060790

专注分享技术,共同学习,共同进步。侵权联系[admin#icode9.com]

Copyright (C)ICode9.com, All Rights Reserved.

ICode9版权所有