default.conf配置
server {
listen 80;
server_name sunfj.cn;
## root www/mimvp_proxy;
rewrite ^(.*)host$1 permanent;##强制http转https请求
}
server {
listen 443 ssl http2;
server_name xxx.cn;
## root www/mimvp_proxy;
ssl on;
ssl_certificate /etc/ssl/certs/xxx.crt;
ssl_certificate_key /etc/ssl/certs/xxx.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass /*proxy address*/;
}
location ~ .do$ {
proxy_pass /*proxy address*/;
}
location ~* ^/(images|img|javascript|js|css|blog|flash|media|static)/ {
proxy_pass /*proxy address*/;
}
location ~* ^/favicon\.ico {
proxy_pass /*proxy address*/;
}
location ~* ^/img/logo\.png {
proxy_pass /*proxy address*/;
}
location ~ /\.ht {
deny all;
}
}
nginx.conf配置
- 转发请求对应的header参数:underscores_in_headers on;
- 超时时间配置(全局):
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
docker操作
- 启动Nginx命令:
docker run --name some-nginx -v /some/content:/usr/share/nginx/html:ro -d nginx
- 反向代理启动命令:
docker run --name nginx -p 80:80 -p 443:443 -v /home/data/nginx/nginx.conf:/etc/nginx/nginx.conf -v /home/data/nginx/conf.d:/etc/nginx/conf.d -v /etc/ssl/certs:/etc/ssl/certs -d nginx
来源:oschina
链接:https://my.oschina.net/u/3510805/blog/3193649