API Nginx | 2021-06-18

https://openapi.78798.in 47.242.154.173

--https://pvapp.78798.in/api/v1/test

【有JOB】http://47.242.80.17:8080/api/v1/test
47.242.80.17（公）172.31.155.10（私有)
【无JOB】http://47.243.144.203:8082/api/v1/test
47.243.144.203（公）172.31.155.15（私有）

之前

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
# 运行用户，默认是nginx

worker_processes auto;
# nginx进程数,一般设置为和cpu核数一样

error_log /var/log/nginx/error.log;
# 全局错误日志路径

pid /run/nginx.pid;
# 进程pid路径

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
# 负载动态模块
include /usr/share/nginx/modules/*.conf;

events {
# 工作模式与连接数上限
    worker_connections 1024;
   # 单个进程的最大连接数
}

http {
# 设置http服务器
    log_format  main  '$http_host $server_addr $remote_addr [$time_local] "$request" $status  $request_body  $body_bytes_sent "$http_referer" "$http_user_agent" $request_time $upstream_response_time';
    # 设置日志的格式

    access_log  /var/log/nginx/access.log  main;
    # 访问日志的路径

    sendfile            on;
    # 开启高效传输模式
    tcp_nopush          on;
    # 激活tcp_nopush参数可以允许把http response header和文件的开始放在一个文件里发布，作用是减少网络报文段的数量
    tcp_nodelay         on;
    # 激活tcp_nodelay，内核会等待将更多的字节组成一个数据包，从而提高I/O性能
    keepalive_timeout   65;
    # 长连接超时时间，单位是秒
    types_hash_max_size 2048;
    # 为了快速处理静态数据集，例如服务器名称， 映射指令的值，MIME类型，请求头字符串的名称，nginx使用哈希表

    include             /etc/nginx/mime.types;
    # 文件扩展名与类型映射表
    default_type        application/octet-stream;
    # 默认文件类型

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # 加载模块化配置文件
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
 
    server {
        listen       443 ssl http2 ;
        server_name  pvapp.78798.in;
        #ssl on;
        ssl_certificate /etc/nginx/cert/78798.in.pem;
        ssl_certificate_key /etc/nginx/cert/78798.in.key;
        #ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        #ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
        #ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        #ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:HIGH;
        ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA
-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GC
M-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";

        large_client_header_buffers 4 16k;
        client_max_body_size 10m;
        client_body_buffer_size 128k;
        proxy_connect_timeout 300;
        proxy_read_timeout 300;
        proxy_send_timeout 300;
        proxy_buffer_size 64k;
        proxy_buffers 4 32k;
        proxy_busy_buffers_size 64k;
        proxy_temp_file_write_size 64k;

        location / { 
            proxy_pass http://172.31.155.10:8080;
            proxy_set_header X-Real-IP  $remote_addr;
            #proxy_set_header Host      78798.in;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#            uwsgi_send_timeout 600;
#            uwsgi_connect_timeout 600;
#            uwsgi_read_timeout 600;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

    server {
        listen       443 ssl http2 ;
        server_name  openapi.78798.in;
        #ssl on;
        ssl_certificate /etc/nginx/cert/78798.in.pem;
        ssl_certificate_key /etc/nginx/cert/78798.in.key;
        #ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        #ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
        #ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
        #ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:HIGH;
        ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA
-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GC
M-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";

        large_client_header_buffers 4 16k;
        client_max_body_size 10m;
        client_body_buffer_size 128k;
        proxy_connect_timeout 300;
        proxy_read_timeout 300;
        proxy_send_timeout 300;
        proxy_buffer_size 64k;
        proxy_buffers 4 32k;
        proxy_busy_buffers_size 64k;
        proxy_temp_file_write_size 64k;

        location / { 
            proxy_pass http://172.31.155.10:8080;
            proxy_set_header X-Real-IP  $remote_addr;
            #proxy_set_header Host      78798.in;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#            uwsgi_send_timeout 600;
#            uwsgi_connect_timeout 600;
#            uwsgi_read_timeout 600;
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }



}