首先 安装nginx ,在nginx.conf 中引入
include /app/conf/nginx/vhosts/*.conf; 配置
并在conf/vhosts 目录 中配置virtual.conf (代理了tomcat8080) ssl.conf(代理tomcat并支持https) 并在conf下加入 proxy.conf
virtual.conf
upstream tomcat {
???server ??127.0.0.1:8080;
???keepalive 1024;
}
server {
???listen ??????80;
???server_name ?t2625430001-gotpc.gtarcade.com 127.0.0.1;
???keepalive_timeout 10;
???#error_page 500 502 404.html;
???#error_page ?404 403 500 502 ???????????http://36.youzu.com/504.htm;
???#limit_conn ??crawler ?20;
???location /status {
???????stub_status on;
???????access_log on;
???}
???location ~ ^/(WEB-INF)/ {
????????deny all;
???}
???location /{
???????add_header ?????????????Cache-Control "no-cache, no-store, max-age=0, must-revalidate";
???????add_header ?????????????Pragma no-cache;
???????proxy_pass http://tomcat;
???}
?}
ssl.conf 由于本地tomcat配置在8080,这里被代理了。会直接跳转,而且省去了tomcat配置ssl,只需要nginx配置就可以了。
upstream tomcathttps {
???server ??127.0.0.1:8080;
}
server {
???listen ??????443 backlog=8192;
???server_name t2625430001-gotpc.gtarcade.com 127.0.0.1;
???????ssl on;
???????ssl_certificate ssl/gtarcade.com.crt;
???????ssl_certificate_key ssl/gtarcade.com.key;
???????ssl_session_timeout 5m;
???????ssl_protocols SSLv2 SSLv3 TLSv1;
???????ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
???????ssl_prefer_server_ciphers on;
location /status {
???????stub_status on;
???????access_log on;
???}
???location /{
???????add_header ?????????????Cache-Control "no-cache, no-store, max-age=0, must-revalidate";
???????add_header ?????????????Pragma no-cache;
???????proxy_pass http://tomcathttps;
???????include proxy.conf;
???}
}
proxy.conf
#!nginx (-)
## proxy.conf
proxy_redirect ?????????off;
proxy_set_header ???????Host ???????????$host;
proxy_set_header ???????X-Real-IP ??????$remote_addr;
proxy_set_header ???????X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto ?$scheme;
client_max_body_size ???10m;
client_body_buffer_size 128k;
proxy_connect_timeout ??600;
proxy_send_timeout ?????600;
proxy_read_timeout ?????600;
proxy_buffers ??????????32 32k;
client_socket.conf
server {
???listen ??????47790;
???server_name ?dev-fcdn-pcgot.uuzuonline.net 10.22.3.29 127.0.0.1;
???#add_header Content-Encoding gzip;
???root ?/var/local/gotpc;
???autoindex on;
}
client.xml
server {
???listen ??????80;
???server_name ?dev-cdn-pcgot.youzu.com 10.22.3.29 127.0.0.1;
???gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/vnd.unity;
???#add_header Content-Encoding gzip;
???root ?/var/local/gotpc_qa20180820214652/;
???autoindex on;
}
然后重启nginx
另外,在tomcat conf/server.xml中加入
tomcat server.xml
????????<Valve className="org.apache.catalina.valves.RemoteIpValve"
??????????????remoteIpHeader="X-Forwarded-For"
??????????????protocolHeader="X-Forwarded-Proto"
??????????????protocolHeaderHttpsValue="https"/>
另外一个 指令
dig fs2625430001-pcgot.gtarcade.com.uuzuonline.net
tomcat支持 https
原文地址:https://www.cnblogs.com/vana/p/9687210.html