Commit 1bca32aa authored by huasheng's avatar huasheng

update conf

parents 58dea0f4 9a6626ed
FROM nginx:alpine
LABEL maintainer="chenbowen <chenbw@fxqifu.com>"
COPY nginx.conf /etc/nginx/
LABEL maintainer="Mahmoud Zalt <mahmoud@zalt.me>"
# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env.
ARG CHANGE_SOURCE=false
ARG CHANGE_SOURCE=true
RUN if [ ${CHANGE_SOURCE} = true ]; then \
# Change application source from dl-cdn.alpinelinux.org to aliyun source
sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories \
......@@ -21,6 +19,14 @@ RUN apk update \
# Set upstream conf and remove the default conf
RUN rm /etc/nginx/conf.d/default.conf
RUN mkdir /etc/nginx/upstreams && mkdir /etc/nginx/res
COPY ./nginx.conf /etc/nginx/
COPY ./upstreams/* /etc/nginx/upstreams/
COPY ./res/* /etc/nginx/res/
COPY ./ssl/* /etc/nginx/ssl/
COPY ./sites_online/* /etc/nginx/sites-available/
ADD ./startup.sh /opt/startup.sh
RUN sed -i 's/\r//g' /opt/startup.sh
CMD ["/bin/bash", "/opt/startup.sh"]
......
user www;
worker_processes 4;
daemon off;
pid /run/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 65535;
events {
use epoll;
multi_accept on;
worker_connections 65535;
}
http {
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60;
types_hash_max_size 2048;
client_max_body_size 20M;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /dev/stdout;
error_log /dev/stderr;
charset UTF-8;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
include /etc/nginx/res/slb_ip_list.conf;
real_ip_header X-Forwarded-For;
gzip on;
gzip_min_length 1k;
gzip_disable "msie6";
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
#limit_zone crawler $binary_remote_addr 10m;
log_format '$remote_addr - $remote_user [$time_local] - $server_addr "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format access '{"@timestamp":"$time_iso8601",'
'"host":"$server_addr",'
'"clientip":"$remote_addr",'
'"size":"$body_bytes_sent" ,'
'"respnsetime":"$request_time",'
'"upstremtime":"$upstream_response_time",'
'"httphost":"$host",'
'"referer":"$http_referer",'
'"xff":"$http_x_forwarded_for",'
'"agent":"$http_user_agent",'
'"request":"$request",'
'"uri":"$uri",'
'"status":"$status"}';
log_format access_body '{"@timestamp":"$time_iso8601",'
'"host":"$server_addr",'
'"clientip":"$remote_addr",'
'"size":"$body_bytes_sent",'
'"body":"$request_body",'
'"respnsetime":"$request_time",'
'"upstremtime":"$upstream_response_time",'
'"httphost":"$host",'
'"referer":"$http_referer",'
'"xff":"$http_x_forwarded_for",'
'"agent":"$http_user_agent",'
'"request":"$request",'
'"uri":"$uri",'
'"status":"$status"}';
include /etc/nginx/upstreams/*.conf;
include /etc/nginx/sites-available/*.conf;
}
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAukuMadOS9ryMnzu1H3KRwTZLhlvMAB9VWUTv8pJW4sFyhOkx
y5VohbGaS+ebpULtuPJ4GoPdco6jcuiuMkdhY3ccMO4g+Zl6Sz7sB+kOkbYzrbFu
Uq/AvHCOLogwllkckerBuhlIAFvkjgVKC0iY5coqWmYX700EBUT7lZNifb3b/xiw
WQz+rCtrmAkuv0mTwbXufRZOb3eNONkwAz9ohL7fEVCZP7HzeIaav/AMqmwMnkH+
orD00yOC5MAuI24edmQnN+ytz04mO6YG0+Z3eOw8VI+7mCn2Alwyhsz3PT+NfdCx
tCqxEdvfQbjGAdh8rVEZtyIJTzlQl1sajMnECQIDAQABAoIBAQCGr1n7pJfqxJRS
BuPCsZ0I+A0QPUu2hvC4kmt7jys70ynNR57VldY0Whu4ZuETUNj3Tm1glhdC3Db1
O529Afg55gI+qdqzOa+9uOcCLQ94bybbm5ysMR6B3kodAB9Ig3JxWCzpM5/niogp
2U8X60uHTmriYk9Jlf+jI6VUFXMufhlc9/tFcNz+YvyXRQvyesM/ate/3GW4CHiM
lKf8nMIIBcjx7eENHfJi1a//AEUFLhlTaoTXU4NeGKC2HKFh9tDr1oFaOl+62Yv8
Qp1Zpe3kOGnXjq4d4ePbSO7EHHb8Yg4PBh+URRklPcxHQ2gPqThhJ9spdm+iCMk5
keFjyPiVAoGBAOvGjsL2ZqfPXwqCcpJ+u8KUfCY5yfdPmJDrmcjoIWhHvW0kc6H9
bda+roErkZM4P0yspTmyzHs9CH3Uv2cAYRXmRa0tW1Z1Z1ZKyMuiIj3F/NbtqfP+
+kxA7z9GfK7OvchovG7EkBvwCtLt54eOnmqILwuIZRWRcPKhIn0z9j9LAoGBAMpG
cFkf3iqP1oa1ogEPBU/AguJUH1SDNE/oWy0zTs7o9nuEYtd72JAFnvbJLpkknSxB
UYPIdDlCnkawWgnP73J642j1WgJcUhcEvRXedh3XGereA9EYBZSaEjpdiup2ndox
BGJY0B/G4l4NkbKIjQ40SCO2O0Yie1GXptYUlDF7AoGBAMnmkXAAwq2nFdMRG/25
Cx44Owwc5oeioJpRNrLlnV4IOP1SfrbUJ5ACX7r7TUENpJ8LJL4BD7vk6vWeDn2s
xHaVZ0tCEPo7tU8e4U4HvFy7w6VlhekMithrrrS3rqOfJMOOdPZB2sohx5MS6Pab
OasujWLJ3Q4YKumK9NbUfWV7AoGASwJqATLnISNr61KJvBjE4HlEUAfgAmgRSxyg
Sxe+vs33MYC7YqtDeM0M0Plz9Uh1nIawYs1ABEfnB9G34fGhGvPlRvPNKBjyPCT+
tZBkftZYfxdLlQtyblPgNJKhxCaujM4mkQ3cSBxpr3UatXkbzcungM7AFlcNIgm5
zaOd/OcCgYAw7ErMiyFSLJp/d/+lbWBT0if/3V/5w3y8u+bhKCmRqU/L8Jgg0tzr
Ubza2bc9hR/N7ioqg99lJ3gaGSlNP+4XQFmPMrbl/bWfWTpYuQDGZbF5v87HTQA4
TP3Z4z3Mty9cV5ICaZZxvR2QNzKZGMqg/ufkrlmaWJwuTohrYNke7g==
-----END RSA PRIVATE KEY-----
\ No newline at end of file
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIQBzIfMob0qgobbN06iFfRZDANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe
Fw0xODA4MDYwMDAwMDBaFw0xOTExMDUxMjAwMDBaMBcxFTATBgNVBAMMDCouZnhx
aWZ1LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALpLjGnTkva8
jJ87tR9ykcE2S4ZbzAAfVVlE7/KSVuLBcoTpMcuVaIWxmkvnm6VC7bjyeBqD3XKO
o3LorjJHYWN3HDDuIPmZeks+7AfpDpG2M62xblKvwLxwji6IMJZZHJHqwboZSABb
5I4FSgtImOXKKlpmF+9NBAVE+5WTYn292/8YsFkM/qwra5gJLr9Jk8G17n0WTm93
jTjZMAM/aIS+3xFQmT+x83iGmr/wDKpsDJ5B/qKw9NMjguTALiNuHnZkJzfsrc9O
JjumBtPmd3jsPFSPu5gp9gJcMobM9z0/jX3QsbQqsRHb30G4xgHYfK1RGbciCU85
UJdbGozJxAkCAwEAAaOCAq8wggKrMB8GA1UdIwQYMBaAFFPKF1n8a8ADIS8aruSq
qByCVtp1MB0GA1UdDgQWBBRl6tWdgnQ46m4QtiRMjyW+1BtvkjAjBgNVHREEHDAa
ggwqLmZ4cWlmdS5jb22CCmZ4cWlmdS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8ENzA1MDOgMaAvhi1odHRw
Oi8vY2RwLnJhcGlkc3NsLmNvbS9SYXBpZFNTTFJTQUNBMjAxOC5jcmwwTAYDVR0g
BEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln
aWNlcnQuY29tL0NQUzAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMCYGCCsGAQUF
BzABhhpodHRwOi8vc3RhdHVzLnJhcGlkc3NsLmNvbTA9BggrBgEFBQcwAoYxaHR0
cDovL2NhY2VydHMucmFwaWRzc2wuY29tL1JhcGlkU1NMUlNBQ0EyMDE4LmNydDAJ
BgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYApLkJkLQYWBSHuxOi
zGdwCjw1mAT5G9+443fNDsgN3BAAAAFlDmBOPgAABAMARzBFAiEAzPrGUew5tKKg
eB4Mmnb4Up7OkQFwHeWHNbvZyPLgCH8CIHjXHEMILhUp/KVopXJAhZVLsM4AkvzJ
6RYQdVjd6q6ZAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFl
DmBPBgAABAMARjBEAiBfRaRC7eDGSCIPdgf9JmMJTYYLqX+lh5RxIibYWHiZ5QIg
YJNu7FJlayoEzmoD4zcBL0w5DwUzKc8bkEmN5RGutOYwDQYJKoZIhvcNAQELBQAD
ggEBAORMXtz1IbamplMW3FVn5M5v/Dv/wiG4xxDgvDm6HZlQLuOZsJGeEizBsNgN
o2eECeM18z0fPLLFbw5a9JDlh2ySU5SQ3Q/L2MtIKpaU91VK67btKUhOSy8aryVZ
tSa+QAYXbDoe2Y39T9XXWeuLuHDAIpXBRLLfDr3fpfHJsI4wN4NvmKnMvhG7XS6j
eAa1bNpXmzyUr+GjpIE1XwaOVzVccfMOfCAbOirGwjaJCEzZAjjpVnfn+dXckd6q
mMW8vA6YE0YPTLo59pi/FDWjlhPvAJhi+D+cV4x/rXyaXmE6wVJEe7mQB5ZNVSFG
peJISE6kWy7K6gMKrh3IsdJZFf0=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEsTCCA5mgAwIBAgIQCKWiRs1LXIyD1wK0u6tTSTANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0xNzExMDYxMjIzMzNaFw0yNzExMDYxMjIzMzNaMF4xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xHTAbBgNVBAMTFFJhcGlkU1NMIFJTQSBDQSAyMDE4MIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA5S2oihEo9nnpezoziDtx4WWLLCll/e0t1EYemE5n
+MgP5viaHLy+VpHP+ndX5D18INIuuAV8wFq26KF5U0WNIZiQp6mLtIWjUeWDPA28
OeyhTlj9TLk2beytbtFU6ypbpWUltmvY5V8ngspC7nFRNCjpfnDED2kRyJzO8yoK
MFz4J4JE8N7NA1uJwUEFMUvHLs0scLoPZkKcewIRm1RV2AxmFQxJkdf7YN9Pckki
f2Xgm3b48BZn0zf0qXsSeGu84ua9gwzjzI7tbTBjayTpT+/XpWuBVv6fvarI6bik
KB859OSGQuw73XXgeuFwEPHTIRoUtkzu3/EQ+LtwznkkdQIDAQABo4IBZjCCAWIw
HQYDVR0OBBYEFFPKF1n8a8ADIS8aruSqqByCVtp1MB8GA1UdIwQYMBaAFAPeUDVW
0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQo
MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8E
OzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9i
YWxSb290Q0EuY3JsMGMGA1UdIARcMFowNwYJYIZIAYb9bAECMCowKAYIKwYBBQUH
AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCwYJYIZIAYb9bAEBMAgG
BmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcNAQELBQADggEBAH4jx/LKNW5ZklFc
YWs8Ejbm0nyzKeZC2KOVYR7P8gevKyslWm4Xo4BSzKr235FsJ4aFt6yAiv1eY0tZ
/ZN18bOGSGStoEc/JE4ocIzr8P5Mg11kRYHbmgYnr1Rxeki5mSeb39DGxTpJD4kG
hs5lXNoo4conUiiJwKaqH7vh2baryd8pMISag83JUqyVGc2tWPpO0329/CWq2kry
qv66OSMjwulUz0dXf4OHQasR7CNfIr+4KScc6ABlQ5RDF86PGeE6kdwSQkFiB/cQ
ysNyq0jEDQTkfa2pjmuWtMCNbBnhFXBYejfubIhaUbEv2FOQB3dCav+FPg5eEveX
TVyMnGo=
-----END CERTIFICATE-----
#ssl on;
ssl_certificate /etc/nginx/res/fxqifu.com.pem;
ssl_certificate_key /etc/nginx/res/fxqifu.com.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
fxqifu-xhgui:8z/V6DFUHtLV.
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass php-73-upstream;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param TIDEWAYS_SAMPLERATE "100";
#fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/back-end/php-xhgui/external/header.php";
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param TIDEWAYS_SAMPLERATE "100";
fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/back-end/php-xhgui/external/header.php";
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
set_real_ip_from 100.116.239.0/25;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|svg|ico)$ {
access_log off;
expires 30d;
}
location ~ .*\.(js|css)?$ {
access_log off;
expires 1h;
}
location ~ .*\.(woff|woff2)?$ {
access_log off;
expires 10d;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS,PATCH,PUT,DELETE always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers Authorization,Token,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,welfare-token,fx-token,walking-token,withcredentials always;
add_header Access-Control-Max-Age 1728000 always;
if ($request_method = OPTIONS) {
#if ($http_origin !~ (\.fxqifu\.com\.cn$)|(\.fxqifu\.com$)) {
# return 403;
#}
return 204;
}
server {
listen 80;
server_name gitlab-sync.fxqifu.com.cn;
root /var/www/dev-ops/gitlab-sync;
index index.html index.php;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
#fastcgi_pass gitlab-sync:9000;
#fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#include fastcgi_params;
}
access_log /var/log/nginx/git.fxqifu.com_access.log access_body;
error_log /var/log/nginx/git.fxqifu.com_error.log error;
}
server {
listen 80;
server_name transaction.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name transaction.fxqifu.com transaction.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/transaction/public;
include /etc/nginx/res/fxqifu.com_cert.conf;
include /etc/nginx/res/php-fpm.conf;
include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/transaction.fxqifu.com_access.log access;
error_log /var/log/nginx/transaction.fxqifu.com_error.log error;
}
server {
listen 80;
server_name welfare.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name welfare.fxqifu.com welfare.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/welfare/public;
include /etc/nginx/res/fxqifu.com_cert.conf;
include /etc/nginx/res/php-fpm.conf;
include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/welfare.fxqifu.com_access.log access;
error_log /var/log/nginx/welfare.fxqifu.com_error.log error;
}
server {
listen 80;
server_name xj-api.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name xj-api.fxqifu.com xj-api.fxqifu.com.cn;
index index.html index.htm index.php;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://node-upstream;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj-api.fxqifu.com.cn_access.log;
error_log /var/log/nginx/xj-api.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name xj-app.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name xj-app.fxqifu.com xj-app.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xj-app-web;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj-app.fxqifu.com_access.log;
error_log /var/log/nginx/xj-app.fxqifu.com_error.log error;
}
server {
listen 80;
server_name xj.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name xj.fxqifu.com xj.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xj-admin-web/dist;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj.fxqifu.com_access.log;
error_log /var/log/nginx/xj.fxqifu.com_error.log error;
}
server {
listen 80;
server_name admin-xj.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name admin-xj.fxqifu.com;
index index.html index.htm;
root /var/www/front-end/xj-manage-admin/dist;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/admin-xj.fxqifu.com_access.log;
error_log /var/log/nginx/admin-xj.fxqifu.com_error.log error;
}
server {
listen 80;
server_name gitlab-sync.fxqifu.com.cn;
root /var/www/dev-ops/gitlab-sync;
index index.html index.php;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass gitlab-sync:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
access_log /var/log/nginx/git.fxqifu.com_access.log access_body;
error_log /var/log/nginx/git.fxqifu.com_error.log error;
}
server {
listen 80;
server_name order.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name order.fxqifu.com order.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/order/public;
include /etc/nginx/res/fxqifu.com_cert.conf;
include /etc/nginx/res/php-fpm.conf;
include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/order.fxqifu.com_access.log access;
error_log /var/log/nginx/order.fxqifu.com_error.log error;
}
server {
listen 80;
server_name sp-xj.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name sp-xj.fxqifu.com;
index index.html index.htm;
root /var/www/front-end/xj-service-admin/dist;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/sp-xj.fxqifu.com_access.log;
error_log /var/log/nginx/sp-xj.fxqifu.com_error.log error;
}
server {
listen 80;
server_name supplier-admin.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name supplier-admin.fxqifu.com;
index index.html index.htm;
root /var/www/front-end/supplier-admin/dist;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/supplier-admin.fxqifu.com_access.log;
error_log /var/log/nginx/supplier-admin.fxqifu.com_error.log error;
}
server {
listen 80;
server_name supplier-api.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name supplier-api.fxqifu.com supplier-api.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/supplier/public;
include /etc/nginx/res/fxqifu.com_cert.conf;
include /etc/nginx/res/php-fpm.conf;
include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/supplier-api.fxqifu.com_access.log access;
error_log /var/log/nginx/supplier-api.fxqifu.com_error.log error;
}
server {
listen 80;
server_name supplier-front-api.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name supplier-front-api.fxqifu.com;
index index.html index.htm index.php;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://node-tmp-upstream;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/supplier-front-api.fxqifu.com_access.log;
error_log /var/log/nginx/supplier-front-api.fxqifu.com_error.log error;
}
server {
listen 80;
server_name transaction.fxqifu.com transaction.fxqifu.com.cn;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name transaction.fxqifu.com transaction.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/transaction/public;
include /etc/nginx/res/fxqifu.com_cert.conf;
include /etc/nginx/res/php-fpm.conf;
include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/transaction.fxqifu.com_access.log access;
error_log /var/log/nginx/transaction.fxqifu.com_error.log error;
}
server {
listen 80;
server_name uc.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name uc.fxqifu.com uc.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/user-center/public;
include /etc/nginx/res/fxqifu.com_cert.conf;
include /etc/nginx/res/php-fpm.conf;
include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/uc.fxqifu.com_access.log access;
error_log /var/log/nginx/uc.fxqifu.com_error.log error;
}
server {
listen 80;
server_name welfare-api.fxqifu.com.cn;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
include /etc/nginx/res/static_resource.conf;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://node:3000;
}
access_log /var/log/nginx/welfare-api.fxqifu.com.cn_access.log;
error_log /var/log/nginx/welfare-api.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name welfare.fxqifu.com welfare.fxqifu.com.cn;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name welfare.fxqifu.com welfare.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/welfare/public;
include /etc/nginx/res/strict_web_cors.conf;
include /etc/nginx/res/fxqifu.com_cert.conf;
include /etc/nginx/res/php-fpm.conf;
include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/welfare.fxqifu.com_access.log access;
error_log /var/log/nginx/welfare.fxqifu.com_error.log error;
}
server {
listen 80;
server_name www.elejoys.com xiangjia.fxqifu.com;
index index.html index.htm;
root /var/www/front-end/xj-website/build;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/www.elejoys.com_access.log;
error_log /var/log/nginx/www.elejoys.com_error.log error;
}
upstream php-71-upstream { server php-fpm-71:9000; }
server {
listen 80;
server_name xhgui.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/php-xhgui/webroot;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
auth_basic "xhgui needs authentication"; # 开启HTTP Basic认证
#auth_basic_user_file htpasswd; # 密码文件
auth_basic_user_file /etc/nginx/res/htpasswd; # 密码文件
try_files $uri =404;
fastcgi_pass php-71-upstream;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
expires 30d;
}
location ~ .*\.(js|css)?$ {
expires 30d;
}
access_log /var/log/nginx/xhgui.fxqifu.com.cn_access.log access;
error_log /var/log/nginx/xhgui.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name xj-api.fxqifu.com xj-api.fxqifu.com.cn;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name xj-api.fxqifu.com xj-api.fxqifu.com.cn;
index index.html index.htm index.php;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://node-upstream;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj-api.fxqifu.com.cn_access.log;
error_log /var/log/nginx/xj-api.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name xj-app-api.fxqifu.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name xj-app-api.fxqifu.com;
index index.html index.htm index.php;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://node-tmp-upstream;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj-app-api.fxqifu.com_access.log;
error_log /var/log/nginx/xj-app-api.fxqifu.com_error.log error;
}
server {
listen 80;
server_name xj-app.fxqifu.com xj-app.fxqifu.com.cn;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name xj-app.fxqifu.com xj-app.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xj-app-web;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj-app.fxqifu.com_access.log;
error_log /var/log/nginx/xj-app.fxqifu.com_error.log error;
}
server {
listen 80;
server_name xj.fxqifu.com xj.fxqifu.com.cn;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name xj.fxqifu.com xj.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xj-admin-web/dist;
include /etc/nginx/res/fxqifu.com_cert.conf;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj.fxqifu.com_access.log;
error_log /var/log/nginx/xj.fxqifu.com_error.log error;
}
server {
listen 80;
server_name admin-xj.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xjia-operate-admin/dist;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/admin.xj.fxqifu.com.cn_access.log;
error_log /var/log/nginx/admin.xj.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name admin.xj.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xjia-operate-admin;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/admin.xj.fxqifu.com.cn_access.log;
error_log /var/log/nginx/admin.xj.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name jenkins.fxqifu.com.cn;
index index.html index.php;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://jenkins:8080;
}
#include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/jenkins.fxqifu.com_access.log access_body;
error_log /var/log/nginx/jenkins.fxqifu.com_error.log error;
}
server {
listen 80;
server_name sp-xj.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xjia-service-provider/dist;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/sp.xj.fxqifu.com.cn_access.log;
error_log /var/log/nginx/sp.xj.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name sp.xj.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xjia-service-provider;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/sp.xj.fxqifu.com.cn_access.log;
error_log /var/log/nginx/sp.xj.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name supplier-admin.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/provideManage_web/dist;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/supplier-admin.fxqifu.com.cn_access.log;
error_log /var/log/nginx/supplier-admin.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name welfare-api.fxqifu.com.cn;
include /etc/nginx/res/static_resource.conf;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://node:3000;
}
access_log /var/log/nginx/welfare-api.fxqifu.com.cn_access.log;
error_log /var/log/nginx/welfare-api.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name welfare.fxqifu.com welfare.fxqifu.com.cn;
index index.html index.php;
root /var/www/back-end/fxqifu_welfare/public;
include /etc/nginx/res/php-fpm.conf;
include /etc/nginx/res/static_resource.conf;
access_log /var/log/nginx/welfare.fxqifu.com_access.log access;
error_log /var/log/nginx/welfare.fxqifu.com_error.log error;
}
server {
listen 80;
server_name xj-api.fxqifu.com xj-api.fxqifu.com.cn;
index index.html index.htm index.php;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Nginx-Proxy true;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://node-upstream;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj-api.fxqifu.com.cn_access.log;
error_log /var/log/nginx/xj-api.fxqifu.com.cn_error.log error;
}
server {
listen 80;
server_name xj-app.fxqifu.com xj-app.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xjia-app-admin;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj-app.fxqifu.com_access.log;
error_log /var/log/nginx/xj-app.fxqifu.com_error.log error;
}
server {
listen 80;
server_name xj.fxqifu.com xj.fxqifu.com.cn;
index index.html index.htm;
root /var/www/front-end/xjia-admin-pc/dist;
location / {
try_files $uri $uri/ /index.html$is_args$args;
}
include /etc/nginx/res/static_resource.conf;
#access_log /var/log/nginx/xj.fxqifu.com_access.log;
error_log /var/log/nginx/xj.fxqifu.com_error.log error;
}
-----BEGIN CERTIFICATE-----
MIIC6TCCAdECFEc1VG8omKI7BCjhRYOyG7ztfbn9MA0GCSqGSIb3DQEBCwUAMDEx
EDAOBgNVBAMMB2RlZmF1bHQxEDAOBgNVBAoMB2RlZmF1bHQxCzAJBgNVBAYTAlVL
MB4XDTE5MDMzMDAyNDkyNFoXDTIwMDMyOTAyNDkyNFowMTEQMA4GA1UEAwwHZGVm
YXVsdDEQMA4GA1UECgwHZGVmYXVsdDELMAkGA1UEBhMCVUswggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQC1o8V2rBgq1cuvONNqfrVk/h07G2u5x8nnjis3
PZXM4GWBhum8VzWCKLQMiwv1WANnOU2+zvZDAcVzPlZX+yX32ahaQM+b+fMzCFi/
WdlrHjPrpqeMTaYwSGrGb1k76rG2GoRqSTvK119s2jhkDMiJ0aERGD90uSX54kqa
OWb8BoTpc7CguGJn8pYXPaCBncwicnU9gselgYbdgHsgtbC/5PyFtYUS4D8+0z+b
5ZU8sqDpz74VdXzeX23q7uHr7tcVZLg+eakfNXgbs2RY9XtsFZZRzixeEzaUE0a6
MAGSTTGKgEcA7GlaHgnLa9+xQwGBO3OpFT+9xT3gMkHAmCuTAgMBAAEwDQYJKoZI
hvcNAQELBQADggEBACZwmstiOKho9w7/ii5FC8exkmPUjUYzSvBf/mbbvVvSKoSw
5SBclFG/R4Alc47MwwrQv5ZDkjwjLlQBtdlMsHyLZu1YmNW98X2JeqqhB/EuNPwJ
5eWUP1fBCPRjWo6xA1OBWw0E3XE+gmx+i/+eUO4K0O3ez/bN3WAFJaOZB7NIzs2a
nsb+oupC9X6OITq7I1kNIpBK3l4heEnFehFILm/7hH1dJehX1uwK3Vw6A2ZBIRxs
L2T6U2GckOgrcJHfHo7Z6WzRkzzQPVuTaMCwWuGjNLVkJX4uRe+C26sA+Uix99GQ
VDpS8t/yVhjDpSuAur2HXFy0nGohyXbymp+tSgI=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE REQUEST-----
MIICdjCCAV4CAQAwMTEQMA4GA1UEAwwHZGVmYXVsdDEQMA4GA1UECgwHZGVmYXVs
dDELMAkGA1UEBhMCVUswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1
o8V2rBgq1cuvONNqfrVk/h07G2u5x8nnjis3PZXM4GWBhum8VzWCKLQMiwv1WANn
OU2+zvZDAcVzPlZX+yX32ahaQM+b+fMzCFi/WdlrHjPrpqeMTaYwSGrGb1k76rG2
GoRqSTvK119s2jhkDMiJ0aERGD90uSX54kqaOWb8BoTpc7CguGJn8pYXPaCBncwi
cnU9gselgYbdgHsgtbC/5PyFtYUS4D8+0z+b5ZU8sqDpz74VdXzeX23q7uHr7tcV
ZLg+eakfNXgbs2RY9XtsFZZRzixeEzaUE0a6MAGSTTGKgEcA7GlaHgnLa9+xQwGB
O3OpFT+9xT3gMkHAmCuTAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAlZpiMQ8t
J7RLeFCksfw6dBS7Lts35WR0UCRUwtM6UQJVfS69H/LvoFSe3LLw5Nt1B26yMYrm
riSoQsmzBR7tLwRzC76s7wCrreDI1AZNrAxMoHDJyicwfZiwrngp86DanhJz2UMu
ndEOLHXOS0LhTKd74GNmCy3C4aQKu4nlv0UuvDgiaKcCXihlDxVzDq40ZAMd44Pf
JybNHLHH0+Ktb7Uwb4aJkTa/jkpei4UtaYQ6LWzIbqA7IomkfYAG2Ci113pdHkDX
isnDrvjE+pEEgOvtgpsDaoZS0wq+K8pml2BkbCqyMHE5kEk/Dem8jAAGNp45nqL+
bgVWYwoLIciLSg==
-----END CERTIFICATE REQUEST-----
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAtaPFdqwYKtXLrzjTan61ZP4dOxtrucfJ544rNz2VzOBlgYbp
vFc1gii0DIsL9VgDZzlNvs72QwHFcz5WV/sl99moWkDPm/nzMwhYv1nZax4z66an
jE2mMEhqxm9ZO+qxthqEakk7ytdfbNo4ZAzIidGhERg/dLkl+eJKmjlm/AaE6XOw
oLhiZ/KWFz2ggZ3MInJ1PYLHpYGG3YB7ILWwv+T8hbWFEuA/PtM/m+WVPLKg6c++
FXV83l9t6u7h6+7XFWS4PnmpHzV4G7NkWPV7bBWWUc4sXhM2lBNGujABkk0xioBH
AOxpWh4Jy2vfsUMBgTtzqRU/vcU94DJBwJgrkwIDAQABAoIBAQCAJKDbXv/RwHDp
FiL4v5mDPU8r8uVl9I/5fy/30cfL+QdDgQWG7NOAFu0m6DWwib4k5aV2lpXfofFF
o1XQzgr0NybxPUX6GTU87IeHv4CGdJFWj4Umk2VKLNy/T7DZd3KWMVD3luDK8nSM
28rqsqYLrMt/vuaNl002ZDITaanA5Dss9B4n0bNFWcVd4dWwB6OFqbBmL2yTGSsb
zjHQxPWB4SQRTnqXqque5p0PvLzNEQjusskAd0USUjdqmJ5pzPP4uZuzwiGNHFim
SzKQGZcLUs7p9Y40QQDjfpPr9p6VSOCwLGOTEary7SxMKbshqOfuFyPEwRzf0XqY
1q79u3VBAoGBAOqFixGgXnigEEak/mZgbl7LKs2YKINm7U1fSBrp732L9sWCMeUt
c/1DcB/J5pQef/VmxvsNUEBI0qeyTuRuluzMhQ14mHHQn+eL3gPN8sZylCnfzHIr
1q8K29mcA1/lm7D61IhrtorfS56zHDjm5cSPyvXBE6pIzgZyqjojrEDhAoGBAMZG
Y8Gc8o9zdlM8RwOuIa5v3NpIJoI40m+3YylrsoxD6XyVMX2FqQNM/qa/cWZg4U4F
sj+7sg9a8geUhW3yqdXYFrfqZZBHUJesWuaoKs35bzSvJ21pQA+rdbhOb9BKYIe/
dEQMTCIJwdQVmnnZwEpdWpPScMR3QB/gpeywq1bzAoGAB2SiV7HoiIDzQmbdJjkQ
AakB9m0/ibTq8i94xHBvflO1OdC65fCi4W8Iz9e7jxvPCNtulmd7CivBiEvUtNrP
ozNnVl9g3uWmxNPh8djCOINQLGnDti2vnOEIwTlr2dARMmkV3h8XKBWV+rDGyPxu
bd3ilhC6H/oflJB00VRij8ECgYAVhpDP9UUUM9nVwYaILMB1WqmkfQ7JNngKLuOy
HIIe3kScBOqBkSA/Pn2rBr+9+KidOtsWNj9nkV0TW5l8zUqI79PPlb//AO8L+GdK
AVncUMc09gsWwsV0rg2yu7lB6MFAG5X4yUj+rQaBCvNhZTWOHUJ3J/KcMcIhc9cv
siJ35wKBgBm0l5EWNFqJ5CExvT1zVfbMSnAwR00xPOROgtErcwUF8Ys1jzzX1mVN
OkiyEuJhubWsFF6GiRyPpKyYRN61ypqk1Oc3K9xvuzlWhW0aRGxJUcMEvZPzyHNd
DZCyjjg0vBG+OrX3Ex+YRetDz9uwmE9rEU2FISFeBZPz/2Gb6SGd
-----END RSA PRIVATE KEY-----
#!/bin/bash
if [ ! -f /etc/nginx/ssl/default.crt ]; then
openssl genrsa -out "/etc/nginx/ssl/default.key" 2048
openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK"
openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.crt"
fi
nginx
upstream node-upstream { server node:3000; }
upstream node-tmp-upstream { server supplier-node:3000; }
upstream php-upstream { server php-fpm:9000; }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment