前端tenginx 配置
cat /usr/local/tengine/conf/nginx.conf
user nginx nginx;
worker_processes auto;
worker_cpu_affinity auto;
error_log /var/log/tengine/error.log crit;
pid /var/run/nginx.pid;
google_perftools_profiles /var/tmp/tcmalloc;
worker_rlimit_nofile 65535;
dso {
load ngx_http_rewrite_module.so;
load ngx_http_access_module.so;
load ngx_http_concat_module.so;
load ngx_http_limit_conn_module.so;
load ngx_http_limit_req_module.so;
load ngx_http_upstream_session_sticky_module.so;
load ngx_http_cache_purge_module.so;
load ngx_http_trim_filter_module.so;
}
events {
use epoll;
worker_connections 10240;
}
http {
proxy_ignore_client_abort on;
add_header Access-Control-Allow-Origin *;
server_tokens off;
server_tag off;
autoindex off;
access_log off;
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 10m;
client_body_buffer_size 256k;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
proxy_connect_timeout 600;
proxy_read_timeout 600;
proxy_send_timeout 600;
proxy_buffer_size 128k;
proxy_buffers 4 128k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_headers_hash_max_size 1024;
proxy_headers_hash_bucket_size 128;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_temp_path /data/nginx_temp/nginx_temp;
proxy_cache_path /data/nginx_temp/nginx_cache levels=1:2 keys_zone=cache_one:2048m inactive=30m max_size=60g;
include SET/*.conf;
log_format access '$HTTP_X_REAL_IP - $remote_user [$time_local] "$request"'
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $HTTP_X_Forwarded_For';
server {
sysguard on;
sysguard_load load=10.5 action=/loadlimit;
sysguard_mem swapratio=20% action=/swaplimit;
sysguard_mem free=100M action=/freelimit;
location /loadlimit {
return 503;
}
location /swaplimit {
return 503;
}
location /freelimit {
return 503;
}
}
include /usr/local/tengine/conf/conf.d/*.conf;
}
cat cdn.conf
server {
listen 80;
server_name cdn.com;
error_log cdn.error;
if ($time_iso8601 ~ "^(d{4})-(d{2})-(d{2})T(d{2}):(d{2}):(d{2})")
{
set $year1 $1;
set $month1 $2;
set $day1 $3;
set $hour1 $4;
set $minutes1 $5;
set $seconds1 $6;
}
access_log /opt/log/cdn-$year-$month-$day.log;
location /webscan_360_cn.html
{
root /usr/local/tengine/html/cdn;
}
location / {
proxy_pass http://ip2:8180/;
}
}
cat h5.conf
server {
listen 80;
server_name h5.com;
index index.html index.htm index.php;
access_log on;
trim on;
location /webscan_360_cn.html
{
root /usr/local/tengine/html/h5;
}
location / {
proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_header;
proxy_pass http://h5;
if ($http_range ~ "\d{9,}") {
return 444;
}
if ( $host !~* 'h5.com' ) {
return 403;
}
} location ~ .*\.(php)?$ {
proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_header;
proxy_pass http://h5;
}
location ~ /purge(/.*) {
allow 127.0.0.1;
allow 198.x.x.0/24;
deny all;
}
location ~ .*\.(htm|js|css|gif|jpg|jpeg|png|bmp|ico|swf|flv)$ {
proxy_next_upstream http_500 http_502 http_503 http_504 error timeout invalid_header;
proxy_cache cache_one;
proxy_cache_valid 200 304 15m;
proxy_cache_valid 301 302 10m;
proxy_cache_valid any 1m;
proxy_cache_key $host$uri$is_args$args;
add_header Ten-webcache '$upstream_cache_status from $host';
proxy_pass http://h5;
expires 30m;
}
#上满这段无效
location ~ /\.ht {
deny all;
}
access_log /data/logs/web/h5/access.log access;
}
后端的nginx 配置(ip2)
cat cdn.conf
server {
listen 8180;
server_name cdn.com;
access_log cdn.log;
error_log cdn.error;
root xx;
location / {
index index.php index.html index.htm;
}
location ~ ^/(p_w_picpaths|javascript|js|css|flash|media|static|html)/ {
expires 10s;
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /.ht {
deny all;
}
}
查看后端服务器状态
location /nstatus {
check_status;
#access_log off;
#allow SOME.IP.ADD.RESS;
#deny all;
}
