1
2
3
4
5
6
7
| yum -y install openssl openssl-devel pcre-devel
adduser nginx
mkdir -p /var/tmp/nginx/
touch /var/tmp/nginx/client
tar zxf nginx-1.12.2.tar.gz && tar zxf nginx_upstream_check_module.tar.gz
cd nginx-1.12.2
./configure --prefix=/usr/local/nginx --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --lock-path=/var/lock/nginx.lock --user=nginx --group=nginx --with-http_ssl_module --with-http_flv_module --with-http_stub_status_module --with-http_gzip_static_module --http-client-body-temp-path=/var/tmp/nginx/client --http-proxy-temp-path=/var/tmp/nginx/proxy --http-fastcgi-temp-path=/var/tmp/nginx/fcgi --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --http-scgi-temp-path=/var/tmp/nginx/scgi --with-pcre --with-file-aio --with-http_secure_link_module --add-module=/usr/local/src/nginx_upstream_check_module --with-stream --with-stream_ssl_module
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| yum install httpd-tools -y
htpasswd -c -d /usr/local/nginx/conf/pass_file zzcadmin
server {
......
auth_basic "登录认证";
auth_basic_user_file /usr/local/nginx/conf/pass_file;
......
}
# 使用wget
wget --http-user=zzcadmin --http-passwd=123456 http://test.intellicredit.com/xxx.zip
# 使用curl
curl -u zzcadmin:123456 -O http://test.intellicredit.com/xxx.zip
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
| events{} #nginx性能
stream{
upstream{
}
server{
location{
}
}
} #四层转发
http{
upstream{
}
server{
location{
}
}
} #七层转发
http {
include /usr/local/nginx/conf.d/*.conf; #调用/usr/local/nginx/conf.d/下的配置文件
}
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
| server {
listen 18001;
access_log /var/log/nginx/bl_http.log ngx_accss_json;
location /status {
stub_status on;
access_log off;
allow 127.0.0.1;
allow 10.0.17.27;
allow 10.0.1.142;
deny all;
}
location / {
proxy_http_version 1.1;
proxy_set_header Connection "";
__proxy_pass http://bl_tomcat;__
#Proxy Settings
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_ignore_client_abort on;
proxy_max_temp_file_size 0;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
| server {
listen 8443 ssl;
server_name *.intellicredit.cn;
root html;
ssl on;
ssl_certificate /usr/local/nginx/certs/intellicre.crt;
ssl_certificate_key /usr/local/nginx/certs/intellicredit.cn.key;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 20m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
access_log /var/log/nginx/bl_https.log;
location / {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass https://tomcat;
#Proxy Settings
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_max_temp_file_size 0;
proxy_ignore_client_abort on;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}
|
1
2
3
4
5
6
7
8
9
10
11
12
| stream {
upstream test {
hash $remote_addr consistent;
server 1.1.1.1:80 weight=100;
}
server {
listen 8080;
proxy_connect_timeout 5s;
proxy_timeout 5s;
proxy_pass test;
}
}
|
