生产环境nginx配置文件(带https安全认证)

#user www www;worker_processes ?2;error_log ?logs/error.log ?info;pid ???????/usr/local/nginx/nginx.pid;worker_rlimit_nofile 65535;events { ???use epoll; ???worker_connections ?65535;}http { ???include ??????mime.types; ???default_type ?application/octet-stream; ?????log_format ?main ?‘$remote_addr - $remote_user [$time_local] "$request" ‘ ??????????????????????????????????‘$status $body_bytes_sent "$http_referer" ‘ ??????????????????????????????????‘"$http_user_agent" "$http_x_forwarded_for"‘; ???access_log ?logs/access.log ?main; ???server_names_hash_bucket_size 128; ???client_header_buffer_size 512k; ???large_client_header_buffers 4 512k; ???client_body_buffer_size ???30m; ???client_max_body_size 100m; ????server_tokens off; ???ignore_invalid_headers ??on; ???recursive_error_pages ???on; ???sendfile ????????????????on; ???tcp_nopush ????on; ???tcp_nodelay ???on; ???keepalive_timeout ?65; ???gzip ?on; ???gzip_min_length ?1k; ???gzip_http_version 1.0; ???gzip_comp_level 2; ???gzip_types ??????text/plain application/x-javascript text/css application/xml; ???????????upstream truck { ???????ip_hash; ???????server 10.74.**.**:8080; ??????????????????} ???????upstream model{ ?????server 10.74.**.**:8080; ???} ???????????upstream mvsp{ ?????server 10.74.**.**:6006; ???} ???????upstream fastdfs{ ?????server 10.74.**.**:8080; ???} ???????????server { ???????listen 80; ???????server_name isafety.mintaian.com; ???????????????#永久重定向到 https 站点 ???????return ?????301 https://$server_name$request_uri; ???????} ???????#server { ???#listen ??????80; ???#server_name ?isafety.mintaian.com; ???# ???# ???#location ~* /{ ???# ?proxy_pass http://truck; ???# ???????????????????proxy_set_header ???????Host $host:80; ???# ???????????????????proxy_set_header ???????X-Real-IP $remote_addr; ???# ???????????????????proxy_set_header ???????X-Forwarded-For $proxy_add_x_forwarded_for; ???# ???????????????????client_max_body_size 400m; ???# ???????????????????proxy_connect_timeout 600; ???# ???????????????????proxy_send_timeout 600; ???# ???????????????????proxy_read_timeout 600; ???# ???????????} ???# ???????????????# ???????????????# ???access_log /usr/local/nginx/logs/isafety.mintaian.com.log; ???# ???#} ???????server { ??????????????listen ??????443; ???????server_name ?isafety.mintaian.com; ???????ssl ??on; ???????ssl_certificate ??????../sslkey/1_isafety.mintaian.com_bundle.crt; ???????ssl_certificate_key ??../sslkey/2_isafety.mintaian.com.key; ???????ssl_session_timeout ??5m; ???????ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3; ???????ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL; ????????ssl_prefer_server_ciphers on; ???????????????#========模型接口===========# ???????location ~* /mintaian/datatransmission { ?????????proxy_pass http://model; ???????????????????????????????????} ???????????#=======**科技页面代理=====>start ??????location ~* /Ferry { ?????????proxy_pass http://mvsp; ???????????????????????????????????????????????????????????????????????????????????????????????} ??????location ~* /ThirdResource { ?????????proxy_pass http://mvsp; ???????????????????????????????????????????????????????????????????????????????????????????????} ??????location ~* /vehicleAlarmData { ?????????proxy_pass http://mvsp; ???????????????????????????????????????????????????????????????????????????????????????????????} ??????????????????????#=======**科技页面代理=====>end ??????????#代理测试文件服务器 ???????location ~* /group1 { ???????????proxy_pass http://fastdfs; ???????} ???????location ~* /group2 { ???????????proxy_pass http://fastdfs; ???????} ???????????#file ???????location ~* /file/ { ???????????add_header ‘Access-Control-Allow-Origin‘ ‘*‘; ???????????add_header ‘Access-Control-Allow-Methods‘ ‘GET, POST, OPTIONS‘; ???????????add_header ‘Access-Control-Allow-Headers‘ ‘Origin, X-Requested-With, Content-Type, Accept‘; ???????????root /usr/local/nginx; ???????} ???????????????location ~* / { ?????????proxy_pass http://truck; ???????????????????????????proxy_set_header ???????Host $host:80; ???????????????????????????proxy_set_header ???????X-Real-IP $remote_addr; ???????????????????????????proxy_set_header ???????X-Forwarded-For $proxy_add_x_forwarded_for; ???????????????????????????client_max_body_size 400m; ???????????????????????????proxy_connect_timeout 600; ???????????????????????????proxy_send_timeout 600; ???????????????????????????proxy_read_timeout 600; ???????????????????????????????????????????????????????proxy_set_header Upgrade $http_upgrade; ???????????????????????????proxy_set_header Connection "upgrade"; ????????????????????????????proxy_set_header X-Forwarded-Proto ?$scheme; ???????????????????} ???????access_log /usr/local/nginx/logs/isafety.mintaian.com.log; ???}}