# For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 4096; include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. # include /etc/nginx/conf.d/*.conf; server { listen 80; listen [::]:80; server_name youwww.com; try_files $uri $uri/ /index.html; # Load configuration files for the default server block. gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 9; gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php application/javascript application/json; gzip_disable "MSIE [1-6]\."; gzip_vary on; error_page 404 /404.html; location = /404.html { } #配置http验证可访问 location /.well-known/acme-challenge/ { #此目录都是nginx容器内的目录,对应宿主机volumes中的http验证目录,而宿主机的又与certbot容器中命令--webroot-path指定目录一致,从而就整个串起来了,解决了http验证问题 root /usr/share/certbot/www; } location /prod-api/ { proxy_pass http://server/; } location / { root /opt/admin; index index.html index.htm; try_files $uri $uri/ /index.html; } error_page 500 502 503 504 /50x.html; location = /50x.html { } } server { listen 80; server_name h5.youwww.com; try_files $uri $uri/ /index.html; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 9; gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php application/javascript application/json; gzip_disable "MSIE [1-6]\."; gzip_vary on; location / { try_files $uri $uri/ /index.html; root /opt/app; } error_page 404 /404.html; location = /404.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } server { listen 80; server_name rider.youwww.com; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 9; gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php application/javascript application/json; gzip_disable "MSIE [1-6]\."; gzip_vary on; location / { try_files $uri $uri/ /index.html; root /opt/rider; } error_page 404 /404.html; location = /404.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } upstream server { ip_hash; server localhost:8585; } server { listen 443 ssl; server_name youwww.com; ssl_certificate /etc/nginx/cert/youwww.com.pem; # /etc/nginx/cert/ 为docker映射路径 不允许更改 ssl_certificate_key /etc/nginx/cert/youwww.com.key; # /etc/nginx/cert/ 为docker映射路径 不允许更改 ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location /prod-api/ { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://server/; } location / { root /opt/admin; index index.html index.htm; try_files $uri $uri/ /index.html; } error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } server { listen 443 ssl; server_name h5.youwww.vip; ssl_certificate /etc/nginx/cert/h5.youwww.vip.pem; # /etc/nginx/cert/ 为docker映射路径 不允许更改 ssl_certificate_key /etc/nginx/cert/h5.youwww.vip.key; # /etc/nginx/cert/ 为docker映射路径 不允许更改 ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 9; gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php application/javascript application/json; gzip_disable "MSIE [1-6]\."; gzip_vary on; location / { try_files $uri $uri/ /index.html; root /usr/share/nginx/app; } location /prod-api/ { proxy_pass http://server/; } location /cb { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header REMOTE-HOST $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://172.30.0.60:8585/cb; } error_page 404 /404.html; location = /404.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } server { listen 443 ssl; server_name rider.youwww.vip; ssl_certificate /etc/nginx/cert/rider.youwww.vip.pem; # /etc/nginx/cert/ 为docker映射路径 不允许更改 ssl_certificate_key /etc/nginx/cert/rider.youwww.vip.key; # /etc/nginx/cert/ 为docker映射路径 不允许更改 ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; gzip on; gzip_min_length 1k; gzip_buffers 4 16k; gzip_http_version 1.1; gzip_comp_level 9; gzip_types text/plain application/x-javascript text/css application/xml text/javascript application/x-httpd-php application/javascript application/json; gzip_disable "MSIE [1-6]\."; gzip_vary on; location / { try_files $uri $uri/ /index.html; root /usr/share/nginx/rider; } location /prod-api/ { proxy_pass http://server/; } error_page 404 /404.html; location = /404.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } }