我一个服务器上安了一个nginx,放了一组静态网页,然后配置了https协议,但是静态网页里面
请求的是本机上一个springboot的项目,端口是8080,我现在访问不了接口,nginx怎么配置啊
微信扫一扫2条回答 默认 最新
- 玄尺 2018-09-25 11:04已采纳
像这种nginx负载均衡器都是具备https去壳功能,外部请求访问nginx,采用的协议是https,nginx与web服务器是http协议,使用代理就可以了。我贴一个demo配置供参考:
user root root; worker_processes 8; error_log /usr/local/nginx/logs/error.log info; pid /usr/local/nginx/nginx.pid; worker_rlimit_nofile 65535; events { use epoll; worker_connections 65535; } http { include mime.types; default_type application/octet-stream; sendfile on; tcp_nopush on; gzip on; keepalive_timeout 30; keepalive_requests 10; client_header_buffer_size 4k; open_file_cache max=65535 inactive=60s; open_file_cache_valid 80s; open_file_cache_min_uses 1; open_file_cache_errors on; geo $whiteiplist { default 1; 127.0.0.1/32 0; 218.245.64.130/32 0; 101.90.254.10/32 0; } map $whiteiplist $limit{ 1 $binary_remote_addr; 0 ""; } limit_req_zone $limit zone=ips:10m rate=20r/m; upstream testLB { server 192.168.40.4:101 weight=5; server 192.168.40.4:102 weight=5; server 192.168.40.4:103 weight=5; check interval=3000 rise=2 fall=5 timeout=1000 type=http; check_http_send "GET /hello HTTP/1.0\r\n\r\n"; check_http_expect_alive http_2xx http_3xx; } server { listen 80; server_name lyf-test-http; ssl on; ssl_certificate /usr/local/nginx/conf/_.xxx.com.crt; ssl_certificate_key /usr/local/nginx/conf/_.xxx.com.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { limit_req zone=ips burst=5 nodelay; root html; index index.html; proxy_pass http://testLB; proxy_http_version 1.1; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /nginx/monitor { allow 218.245.64.130; deny all; access_log off; stub_status on; } location /nginx/backend/health/check { allow xxx.xxx.xxx.xxx; deny all; access_log off; check_status; } } }点赞 打赏 评论分享 - 玄尺 2018-09-25 11:05
功能很全了,包含IP白名单,IP限流,负载均衡,健康检查,真实IP、监控等功能
点赞 打赏 评论分享