本次主要是晚上上次文章写的不清楚的地方。(本文使用rsync脚本进行代码发布)
NGINX
设置反向代理的时候,可能会有多个代理服务器,需要注意写法。
首先设置反向代理的upsteam配置,例子如下:
[root@iZbp1c1040b3e0uquc0mc4Z vhosts]# cat lyt.upstream.conf
access_log off;
upstream http_peace{
server ***.**.**.123:1234 max_fails=5 fail_timeout=10s weight=2 ;
server ***.**.**.321:1234 max_fails=5 fail_timeout=10s weight=4 ;
} #注意这里后面监听的端口,别和别的项目重复了。有多个服务器,就写多个,ip不一样
server {
listen 443 ssl;
server_name lyt.root.com; #域名别写错
client_max_body_size 10m;
ssl_certificate /usr/local/nginx/conf/ssl/1234567_lyt.root.com.pem;
ssl_certificate_key /usr/local/nginx/conf/ssl/1234567_lyt.root.com.key;
#https的配置文件
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
location / {
proxy_pass http://http_peace/;#这里注意,别名和上面的一个样
#proxy_redirect default;
proxy_set_header Host $host;
proxy_connect_timeout 2s;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
接受代理的服务器,配置示例:
[root@iZbp1c1040b3e0uquc0mc4Z vhosts]# cat ip.lyt.root.com.conf
access_log off;
server {
listen 1234; #和上面监听的端口对应,切记
server_name ***.**.***.123;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
#下面都是正常的nginx配置,可以不看我的
location / {
add_header 'Access-Control-Allow-Origin' *;
root /usr/local/html/lyt/web;
index index.php index.html index.htm;
if (!-e $request_filename){
rewrite ^/(.*) /index.php?r=$1 last;
}
}
error_page 404 /404.html;
location ~ \.php$ {
add_header 'Access-Control-Allow-Origin' *;
root /usr/local/html/lyt/web;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ .*\.(html|htm|gif|jpg|jpeg|bmp|png|ico|txt|js|css|woff|woff2|ttf|eot|svg)$ {
add_header "Access-Control-Allow-Origin" "*";
add_header "Timing-Allow-Origin" "*";
root /usr/local/html/lyt/web;
expires 30d;
}
}
配置好之后,重启nginx,查看是否监听端口成功:
1.查看nginx master进程号
ps aux | grep nginx
2.根据pid查看使用的端口号
netstat -anp | grep {pid} # pid 为上面查询出来的nginx master进程号
例:netstat -anp | grep 12440
看到刚才的端口有显示就完事。
0 条评论