前言:
而今同学们对“nginx文件系统大小应该为”可能比较着重,咱们都想要知道一些“nginx文件系统大小应该为”的相关知识。那么小编也在网摘上搜集了一些有关“nginx文件系统大小应该为””的相关内容,希望同学们能喜欢,各位老铁们快快来学习一下吧!本文汇总了我在工作中经常用到的nginx配置,适用于大部分的运维场景
1.日志格式配置
在http模块下,有json格式和竖线分割格式,具体在服务中使用哪种格式,只需要在access_log 最后添加对应的格式名称
log_format json '{ "@timestamp": "$time_iso8601", "remote_addr": "$remote_addr","body_bytes_sent": "$body_bytes_sent", ' '"request_time": $request_time,"status": $status,"upstream_response_time": $upstream_response_time, ' '"upstream_addr": "$upstream_addr","request": "$request","request_method": "$request_method", ' '"http_referer": "$http_referer","body_bytes_sent":$body_bytes_sent,"http_x_forwarded_for": "$http_x_forwarded_for", ' '"http_x_real_ip": "$http_x_real_ip", "http_user_agent": "$http_user_agent" }'; log_format split '"$time_iso8601"|"$remote_addr"|"$upstream_addr"|$status|$request_time|' '$upstream_response_time|"$body_bytes_sent"|"$request"|"$request_method"|' '"$http_referer"|"$http_x_forwarded_for"|"$http_x_real_ip"|"$http_user_agent"';
2.静态文件压缩
具体压缩效果可以在浏览器调试模式中的网络中看到,比如实际文件大小为1M,在浏览器开发模式-网络中显示下载大小为500k,即代表文件压缩成功
http { gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 5; gzip_vary on; output_buffers 4 32k; gzip_types text/css text/xml application/x-javascript image/x-ms-bmp application/x-httpd-php image/jpeg image/gif image/png; gzip_proxied any; gzip_disable msie6;}
3.常规的负载均衡
本配置支持后端健康检查,主要是在后端真实节点不可用时,请求不会转发到故障节点,故障节点恢复后,请求正常转发,nginx需要安装nginx_upstream_check_module模块,tengine自带该模块,无需在自行安装
upstream oss_web { server 127.0.0.1:8056; server 127.0.0.1:8057; keepalive 8; check interval=3000 rise=1 fall=2 timeout=1000 type=http; check_http_send "GET /index.html HTTP/1.0\r\n\r\n"; check_http_expect_alive http_2xx http_3xx;}server { listen 8000; server_name ; location / { root html; proxy_pass ; }}
4.域名动态解析加缓存
本例是我公司访问某地图获取地理位置的配置,因为根据经纬度查询到的具体位置短时间内不会发生变化,于是把内容缓存下来,节省费用
http {proxy_cache_path /tmp/nginx levels=1:2 keys_zone=imooc_cache:10m max_size=5g inactive=60m use_temp_path=off;}server { listen 80; server_name restapi.teses.com; charset utf-8; access_log logs/restapi.teses.com.access.log main; error_log logs/restapi.teses.com.error.log; location / { resolver 8.8.8.8 114.114.114.114 valid=600s; set $backend ";; proxy_pass $backend; proxy_cache imooc_cache; proxy_cache_valid 200 1800s; proxy_cache_valid any 10s; proxy_cache_key $host$uri$is_args$args; }}备注:inactive应该需要设置的比valid中时间长
5.跨域配置
location / { add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS'; add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization'; if ($request_method = 'OPTIONS') { return 204; }}
6.正向代理模式
就是局域网中的用户通过网关做代理访问外部的网络,浏览器代理配置推荐Proxy SwitchyOmega
server { listen 8080; location / { proxy_pass $scheme://$http_host$request_uri; } }
7.代理指定的域名
适用于用户访问的地址和实际的后端节点访问地址不同的场景,比如节点只能通过某域名访问,但是客户不使用相同的域名也能访问
server { listen 8000; server_name kbe.get.com; location /api { proxy_pass ; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host kube.app.com; #kube.app.com }}
8.防盗链
#图片防盗链location ~ .*\.(wma|wmv|asf|mp3|mmf|zip|rar|jpg|gif|png|swf|flv)$ { valid_referers none blocked *.zhkdl.com zhkdl.com; if ($invalid_referer) { #rewrite ^/ ; return 403; }}#目录防盗链location /img/ { root /data/img/; valid_referers none blocked *.zhkdl.com zhkdl.com; if ($invalid_referer) { rewrite ^/ ; #return 403; }}#文件下载防盗链./configure --add-module=path/to/nginx-accesskeyserver{ location /download { accesskey on; accesskey_hashmethod md5; accesskey_arg "key"; accesskey_signature "mypass$remote_addr"; } }
9.nginx systemd配置
tee /etc/systemd/system/nginx.service <<-"EOF"[Unit]Description=The nginx HTTP and reverse proxy serverAfter=network.target remote-fs.target nss-lookup.target[Service]Type=forkingLimitCORE=infinityLimitNOFILE=655350LimitNPROC=655350PIDFile=/usr/local/nginx/logs/nginx.pidExecStartPre=/usr/bin/rm -f /usr/local/nginx/logs/nginx.pidExecStartPre=/usr/local/nginx/sbin/nginx -tExecStart=/usr/local/nginx/sbin/nginxExecReload=/bin/kill -s HUP $MAINPIDKillSignal=SIGQUITTimeoutStopSec=5KillMode=processPrivateTmp=true[Install]WantedBy=multi-user.targetEOF
标签: #nginx文件系统大小应该为