#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; #keepalive_timeout 0; keepalive_timeout 65; #开启gzip gzip off; #nginx对于静态文件的处理模块,开启后会寻找以.gz结尾的文件,直接返回,不会占用cpu进行压缩,如果找不到则不进行压缩 gzip_static on; #nginx做前端代理时启用该选项,表示无论后端服务器的headers头返回什么信息,都无条件启用压缩 gzip_proxied expired no-cache no-store private auth; #低于10kb的资源不压缩 gzip_min_length 10k; #设置压缩所需要的缓冲区大小 gzip_buffers 4 16k; #设置gzip压缩针对的HTTP协议版本 gzip_http_version 1.0; #压缩级别1-9,越大压缩率越高,同时消耗cpu资源也越多,建议设置在5左右。 gzip_comp_level 5; #需要压缩哪些响应类型的资源,多个空格隔开。不建议压缩图片. gzip_types text/plain application/javascript application/x-javascript text/javascript text/xml text/css application/xml; #配置禁用gzip条件,支持正则。此处表示ie6及以下不启用gzip(因为ie低版本不支持) gzip_disable "MSIE [1-6]\."; #是否添加“Vary: Accept-Encoding”响应头 gzip_vary on; #ip限流每秒最多1000个请求 limit_req_zone $binary_remote_addr zone=myRateLimit:15m rate=1000r/s; #限制并发连接数 limit_conn_zone $binary_remote_addr zone=perip:10m; limit_conn_zone $server_name zone=perserver:10m; server { listen 2080; server_name webServer; #dist上传的路径 root /usr/share/nginx/html; index index.html index.htm; charset utf-8; proxy_set_header HOST $host; proxy_set_header X-Forwarded-Proto $scheme; # 获取客户端真实IP proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-Port $remote_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 支持websocket连接 proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # 限制并发连接数 #limit_conn perip 10; #每个IP最多10个并发连接 # 客户端请求体限制10MB client_max_body_size 10m; # 避免访问出现 404 错误 location / { root /usr/share/nginx/html; #dist上传的路径 index index.html index.htm; try_files $uri $uri/ @router; } # 生产环境(http) location ^~/api { # 去除api前缀 rewrite ^/api/(.*)$ /$1 break; # 代理到后端服务器 proxy_pass http://flow-app:9089/; # 限流,每秒最多1000个请求 limit_req zone=myRateLimit burst=100 nodelay; #每个IP最多50个并发连接 limit_conn perip 50; } # 生产环境(socket) location ^~/ws { # 去除ws前缀 rewrite ^/ws/(.*)$ /$1 break; # 代理到后端服务器 proxy_pass http://flow-app:9089/; # 支持websocket连接 proxy_http_version 1.1; # 确保使用 HTTP/1.1 proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } location @router { rewrite ^.*$ /index.html last; } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} }