diff options
| author | wangchengcheng <[email protected]> | 2023-07-27 15:43:51 +0800 |
|---|---|---|
| committer | wangchengcheng <[email protected]> | 2023-07-27 15:43:51 +0800 |
| commit | 124f687daace8b85e5c74abac04bcd0a92744a8d (patch) | |
| tree | 4f563326b1be67cfb51bf6a04f1ca4d953536e76 /PCAP-PIC/galaxy-hos-nginx | |
| parent | 08686ae87f9efe7a590f48db74ed133b481c85b1 (diff) | |
P19 23.07 online-configP19
Diffstat (limited to 'PCAP-PIC/galaxy-hos-nginx')
| -rw-r--r-- | PCAP-PIC/galaxy-hos-nginx/conf/nginx.conf | 85 | ||||
| -rw-r--r-- | PCAP-PIC/galaxy-hos-nginx/conf/self-sign.crt | 13 | ||||
| -rw-r--r-- | PCAP-PIC/galaxy-hos-nginx/conf/self-sign.key | 8 | ||||
| -rw-r--r-- | PCAP-PIC/galaxy-hos-nginx/docker-compose.yml | 16 |
4 files changed, 122 insertions, 0 deletions
diff --git a/PCAP-PIC/galaxy-hos-nginx/conf/nginx.conf b/PCAP-PIC/galaxy-hos-nginx/conf/nginx.conf new file mode 100644 index 0000000..afcfa97 --- /dev/null +++ b/PCAP-PIC/galaxy-hos-nginx/conf/nginx.conf @@ -0,0 +1,85 @@ +worker_processes auto; + +events { + worker_connections 4096; +} + +http { + include mime.types; + default_type application/octet-stream; + sendfile on; + keepalive_timeout 65; + keepalive_requests 100000; + vhost_traffic_status_zone; + vhost_traffic_status_filter_by_host on; + client_max_body_size 5120M; #(设置客户端请求体最大值) + client_body_buffer_size 128k; #(配置请求体缓存区大小,) + access_log off; # 关闭access日志 + + upstream hos { + server 192.168.10.193:8186; + server 192.168.10.194:8186; + keepalive 1000; + keepalive_timeout 65; + keepalive_requests 100000; + } + + geo $islocalip { + default 0; + } + +#hos非加密 +server { + listen 9098; + server_name localhost; + + location / { + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_set_header Host $http_host; + proxy_connect_timeout 60s;#nginx跟后端服务器连接超时时间(代理连接超时)默认60s + proxy_send_timeout 600s;#后端服务器数据回传时间(代理发送超时)默认值60s + proxy_read_timeout 600s;#连接成功后,后端服务器响应时间(代理接收超时)默认值60s + set $ssl 0; #是否开启重定向加密,开启是1,关闭是0,默认关闭 + if ($islocalip = 0){ + set $ssl "${ssl}1"; + } + if ($request_method = GET) { + set $ssl "${ssl}1"; + } + if ($ssl = "111") { + return 302 https://$host:9097$request_uri; + } + proxy_pass http://hos$request_uri; + } +} + + +#hos加密 +server { + listen 9097 ssl; + server_name localhost; + proxy_set_header Host $host:9098; + ssl_certificate /usr/local/nginx/conf/self-sign.crt; + ssl_certificate_key /usr/local/nginx/conf/self-sign.key; + location / { + proxy_connect_timeout 60s;#nginx跟后端服务器连接超时时间(代理连接超时)默认60s + proxy_send_timeout 600s;#后端服务器数据回传时间(代理发送超时)默认值60s + proxy_read_timeout 600s;#连接成功后,后端服务器响应时间(代理接收超时)默认值60s + proxy_pass http://hos; + } +} + +#nginx监控端口 +server { + listen 9914; + server_name localhost; + location /status { + vhost_traffic_status_display; + vhost_traffic_status_display_format html; + } +} + +} + + diff --git a/PCAP-PIC/galaxy-hos-nginx/conf/self-sign.crt b/PCAP-PIC/galaxy-hos-nginx/conf/self-sign.crt new file mode 100644 index 0000000..8cb6bd7 --- /dev/null +++ b/PCAP-PIC/galaxy-hos-nginx/conf/self-sign.crt @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIICBTCCAaugAwIBAgIJAN1eg7aXJa0AMAoGCCqGSM49BAMCMGoxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2Nv +MRMwEQYDVQQKDApHZG50LWNsb3VkMRkwFwYDVQQDDBAqLmdkbnQtY2xvdWQuY29t +MB4XDTIxMDgzMTA1NTk0MloXDTMxMDgyOTA1NTk0MlowajELMAkGA1UEBhMCVVMx +EzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzAR +BgNVBAoMCkdkbnQtY2xvdWQxGTAXBgNVBAMMECouZ2RudC1jbG91ZC5jb20wWTAT +BgcqhkjOPQIBBggqhkjOPQMBBwNCAARJcFCde1et82GZjZmr7M8nsx7dQki3SJ6v +EfVxrRO6AaAkge6eq1mg0MyYRCc2j8Q+W4foy2tlVwywRJCiKnvzozowODAJBgNV +HRMEAjAAMCsGA1UdEQQkMCKCECouZ2RudC1jbG91ZC5jb22CDmdkbnQtY2xvdWQu +Y29tMAoGCCqGSM49BAMCA0gAMEUCIBi5SITjNG7P/5qVs6EyJ2E9602KiNUS1EbY +3CJ33z0YAiEAySQ+MOtTESxRzRgkxuQHFktyCGyRWmqrkOEDES1j+QQ= +-----END CERTIFICATE----- diff --git a/PCAP-PIC/galaxy-hos-nginx/conf/self-sign.key b/PCAP-PIC/galaxy-hos-nginx/conf/self-sign.key new file mode 100644 index 0000000..3fec678 --- /dev/null +++ b/PCAP-PIC/galaxy-hos-nginx/conf/self-sign.key @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIC6qFeIiJvkGqYIxpfl14NZ8bOu6Fk0jfLumg39lTTLMoAoGCCqGSM49 +AwEHoUQDQgAESXBQnXtXrfNhmY2Zq+zPJ7Me3UJIt0ierxH1ca0TugGgJIHunqtZ +oNDMmEQnNo/EPluH6MtrZVcMsESQoip78w== +-----END EC PRIVATE KEY----- diff --git a/PCAP-PIC/galaxy-hos-nginx/docker-compose.yml b/PCAP-PIC/galaxy-hos-nginx/docker-compose.yml new file mode 100644 index 0000000..ec088fe --- /dev/null +++ b/PCAP-PIC/galaxy-hos-nginx/docker-compose.yml @@ -0,0 +1,16 @@ +version: '3' +services: + nginx: + image: nginx-metrics:1.17.0 + container_name: galaxy-hos-nginx + restart: always + ports: + - 80:80 + volumes: + - /home/tsg/olap/galaxy/volumes/galaxy-hos-nginx/conf/nginx.conf:/usr/local/nginx/conf/nginx.conf + - /home/tsg/olap/galaxy/volumes/galaxy-hos-nginx/conf/self-sign.crt:/usr/local/nginx/conf/self-sign.crt + - /home/tsg/olap/galaxy/volumes/galaxy-hos-nginx/conf/self-sign.key:/usr/local/nginx/conf/self-sign.key + - /home/tsg/olap/galaxy/volumes/galaxy-hos-nginx/logs:/usr/local/nginx/logs + working_dir: /etc/nginx + command: /etc/nginx/nginx -g 'daemon off;' + network_mode: "host" |