【nginx】配置 - 《Nginx 学习笔记》

#user  nobody;
worker_processes  4;
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  8192;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request,,GL-Uid:$http_GL_Uid,,GL-Version:$http_GL_Version,,GL-DeviceId:$http_GL_DeviceId" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" "$my_scheme://$host:$server_port:$my_https" $upstream_addr $request_time $upstream_response_time';
    log_format message '$time_local "$request" $status $http_CurTime $http_MD5 "$http_user_agent"';
    access_log  logs/access.log  main;
        ssi on;
        ssi_silent_errors       off;
    sendfile        on;
    tcp_nopush      on;
    tcp_nodelay     on;
    client_header_timeout 5s;
    client_body_timeout 15s;
    send_timeout 15s;
    resolver_timeout 5s;
    types_hash_max_size 2048;
    types_hash_bucket_size 64;
    server_names_hash_bucket_size 64;
#    keepalive_timeout  0;
    keepalive_timeout 60s;
    keepalive_requests 1024;
    server_tokens  off;
    gzip  on;
    gzip_disable "msie6";
    gzip_min_length 1024;
    gzip_proxied any;
    gzip_comp_level 3;
    gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png application/javascript;
    set_real_ip_from 10.0.0.0/8;
    real_ip_header proxy_protocol;
    include http_common.conf;
        upstream backend-app-server {
        server 127.0.0.1:8888 max_fails=3 fail_timeout=20s;
        keepalive 2000;
    }
    upstream backend-search-server {
        server 127.0.0.1:8788 max_fails=3 fail_timeout=20s;
        keepalive 2000;
    }
    upstream backend-im-server {
        server 10.202.32.27:9588 max_fails=3 fail_timeout=20s;
        keepalive 2000;
    }
    # god-dev-in.gameyw.netease.com, 内网lbc
    server {
        listen       80 proxy_protocol;
        server_name  god-dev-in.gameyw.netease.com;
        # 限制内网ip
        allow 10.0.0.0/8;
        deny  all;
#        include location-block-url.conf;
        location /v1/app {
            include location-cors-common-test.conf;
            proxy_pass    http://backend-app-server;
            proxy_set_header host $host:$server_port;
            proxy_set_header X-Real-IP $http_x_forwarded_for;
        }
                location /v1/search {
            include location-cors-common-test.conf;
            proxy_pass    http://backend-search-server;
            proxy_set_header host $host:$server_port;
            proxy_set_header X-Real-IP $remote_addr;
        }
        location /v1/server {
            proxy_pass    http://backend-app-server;
            proxy_set_header host $host:$server_port;
            proxy_set_header X-Real-IP $remote_addr;
        }
    }
    # god-test.gameyw.netease.com， 外网lbc
    server {
        listen       80 proxy_protocol;
        server_name  god-test.gameyw.netease.com god-dev.gameyw.netease.com;
        root /home/website;
        set $my_scheme "http";
        if ($http_x_forwarded_proto = 'https'){
            set $my_scheme "https";
            set $my_https "on";
        }
        location / {
            root   /home/website;
            index  index.html index.htm;
        }
#        include location-block-url.conf;
        location /v1/app {
            include location-cors-common-test.conf;
                        proxy_pass    http://backend-app-server;
                        proxy_set_header host $host:$server_port;
                        proxy_set_header X-Real-IP $http_x_forwarded_for;
        }
        location /v1/log {
            include location-cors-common-test.conf;
            proxy_pass    http://backend-app-server;
            proxy_set_header host $host:$server_port;
            proxy_set_header X-Real-IP $http_x_forwarded_for;
        }
        location /v1/im/ {
            include location-cors-common-test.conf;
            proxy_pass    http://backend-im-server;
            proxy_set_header host $host:$server_port;
            proxy_set_header X-Real-IP $http_x_forwarded_for;
        }
        location /v1/gameServer {
            proxy_pass    http://backend-app-server;
            proxy_set_header host $host:$server_port;
            proxy_set_header X-Real-IP $http_x_forwarded_for;
        }
        location /v1/search {
            include location-cors-common-test.conf;
            proxy_pass    http://backend-search-server;
            proxy_set_header host $host:$server_port;
            proxy_set_header X-Real-IP $remote_addr;
        }
        location /v1/server {
            #图片审核系统调用
            allow 60.191.80.12;
            allow 60.191.80.11;
            allow 60.191.80.19;
                        #cc图片审核
                        allow 218.107.55.252;
            allow 218.107.55.254;
            allow 218.107.55.253;
            deny  all;
            proxy_pass    http://backend-app-server;
            proxy_set_header host $host:$server_port;
            proxy_set_header X-Real-IP $remote_addr;
        }
        location ~ ^/(swagger|webjars|v2/api|doc) {
                        allow 58.248.246.3;
                        allow 218.107.55.254;
                        allow 218.107.55.252;
                        deny all;
#            proxy_pass    http://backend-app-server;
                        rewrite ^ http://god-dev.gameyw.netease.com:8080/app-swagger/swagger-ui.html permanent;
        }
        location /dashen/messageCallback {
            access_log logs/message.log message;
            return 200;
        }
    }
}