Nginx is used for load balancing, dynamic and static separation, direction proxy configuration
# vi /etc/nginx/nginx.conf
# max_clients = worker_processes * worker_connections (when nginx is used as an http server, /2 is required as a reverse proxy server)
worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 65535; # The maximum number of open files for a process is limited. In this way, nginx will not have the problem of "too many open files" (high concurrency can be set)
# Global error log definition type [ debug | info | notice | warn | error | crit ], the higher the error level is, the later
error_log /var/log/nginx/error.log notice; # nginx error log address
#Process file
pid /var/run/nginx.pid;
events {
worker_connections 10240; # The maximum number of connections for a single process, the maximum is 65535, affected by worker_rlimit_nofile)
}
http {
include /etc/nginx/mime.types; # file extension and file type mapping table
default_type application/octet-stream; # default file type
charset utf-8; # default encoding
fastcgi_intercept_errors on; # Turn on nginx custom settings, such as the following error_page will use
gzip on; # Turn on gzip compressed output
gzip_min_length 1k; # Minimum compressed file size
gzip_buffers 4 16k; # compression buffer
gzip_http_version 1.0; # Compressed version (default 1.1, if the front end is squid2.5, please use 1.0)
gzip_comp_level 2; # compression level
gzip_types text/plain application/x-javascript text/css text/javascript application/x-httpd-php application/json text/json image/jpeg image/gif image/png application/octet-stream; # Types that support compression
gzip_vary on;
#tcp optimization
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 120; # Long connection timeout, the unit is second
# limit_zone zone_name $binary_remote_addr 10m; # Control the number of concurrency of an ip, zone_name is the name, 10m is the space of the recording area, the method of use is added under location (limit_conn zone_name 1; # at most one concurrency)
# client_header_buffer_size 2k; # Client request header buffer size nginx will use the client_header_buffer_size buffer to read the header value by default. If the header is too large, it will use large_client_header_buffers to read
# large_client_header_buffers 4 16k; # The default is 4K, the request line exceeds the first set number 4, and the requested Header header information is greater than the set second number 16k, it will report "Request URI too large" (414) or "Bad request "(400)
# client_body_buffer_size 128k; #The buffer agent buffers the maximum number of bytes requested by the client
# client_max_body_size 8m; # request body maximum size
# client_header_timeout 60s; # Set the timeout time for nginx to read the header information of the client request Header. If the time set by this instruction is exceeded, nginx will return a "Requet time out" error message (HTTP 408 error code)
# client_body_timeout 60s; # Set the timeout time for nginx to read the client request content. If it exceeds the time set by this command, nginx will return "Request time out" error message (HTTP status code 408)
# send_timeout 60s; # Set the response timeout time sent to the client. It refers to the time when two tcp handshakes have not yet turned to the established state. If the client does not respond at this time, Nginx will close the connection
# Dynamic request server pool
upstream api_server {
ip_hash;
# server unix:/www/web/project_name/socket.sock; # The socket communication method using this server has less overhead than the http server
server 192.168.2.1:8001 weight=1; # The greater the weight, the greater the weight of the load
server 192.168.2.2:8001 weight=1;
}
# Static request server pool
# upstream static_server {
# server 192.168.2.3:80;
# }
server {
listen 80; # Listening port number
server_name www.zzq.com www.gmx.com; # ip or domain name
error_log /www/web/logs/nginx_error.log; # Error log address
access_log /www/web/logs/nginx.log; # access record address
error_page 404 403 500 502 503 /404.html; # Redirect nginx error page
# redirect custom page
location = /404.html {
root /www/web/project_name/templates; # html address
}
# Prevent hotlinking and reduce server pressure
location ~* \.(jpg|jpeg|bmp|gif|png|css|js|ico|webp|tiff|ttf|svg|woff|woff2) {
valid_referers none blocked *.xxx.com xxx.com ~\.google\. ~\.bing\. ~\.baidu\.; # Websites that can be accessed (Google, Baidu, Bing, etc.)
if ($invalid_referer) {
return 403; # You can also directly return a prompt to prohibit hotlinking
}
root /www/web/project_name; # Use nginx for dynamic and static separation to reduce uwsgi server pressure
expires 30d;
access_log off; # No need to write to the access log
}
#Set the address to view the status of Nginx
location /NginxStatus {
stub_status on;
access_log on;
auth_basic "NginxStatus";
auth_basic_user_file conf/htpasswd;
}
location /robots.txt {
root /www/web/project_name/static;
access_log off; # No need to write to the access log
log_not_found off; # Whether to record non-existent errors in error_log. default is
}
location /favicon.ico {
root /www/web/project_name/static;
access_log off; # No need to write to the access log
log_not_found off; # Whether to record non-existent errors in error_log. default is
}
# start the reverse proxy
location / {
# uwsgi_pass use uwsgi protocol. proxy_pass uses plain HTTP to contact the uWSGI server. The uWSGI docs claim that the protocol is better, faster and can benefit from all uWSGI special features
include uwsgi_params;
uwsgi_pass api_server;
# Configure when uwsgi connects
uwsgi_read_timeout 600; # Specify the timeout time for receiving uWSGI response, the timeout time for receiving uWSGI response after handshake is completed
uwsgi_connect_timeout 600; # Specify the timeout for connecting to the backend uWSGI
uwsgi_send_timeout 600; # Specify the timeout time for sending requests to uWSGI, and the timeout time for sending requests to uWSGI after completing the handshake
# Use the http protocol configuration method
# proxy_pass http://api_server; # Here, after http, it is equal to the name configured in the first line
# proxy_redirect off;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Configure when nginx is used as a proxy (used with the http connection method)
# proxy_send_timeout 600; # Timeout for requesting to proxy after handshake
# proxy_connect_timeout 600; # Specify the timeout for connecting to the backend uWSGI
# proxy_read_timeout 600; # Timeout for receiving proxy response after handshake
}
}
include /etc/nginx/conf.d/*.conf; # Also load other nginx configuration files
}