SSL

Posted on 2013-09-10 15:30 H2O 阅读(198) 评论(0)  编辑  收藏
#user  nobody;
worker_processes  4;
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  51200;
}
http {
    passenger_root /usr/local/lib/ruby/gems/1.8/gems/passenger-3.0.0;
    passenger_ruby /usr/local/bin/ruby;
    include       mime.types;
    default_type  application/octet-stream;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    log_format  main  '$remote_addr | $remote_user | [$time_local] | "$request" | '
                      '"$status" | $body_bytes_sent | "$http_referer" | '
                      '"$http_user_agent" | "$http_x_forwarded_for" | $request_time';
    #access_log  logs/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    #keepalive_timeout  0;
    keepalive_timeout  65;
    gzip  on;
    client_max_body_size 20m;
    client_header_buffer_size 16k;
    large_client_header_buffers 4 64k;
    # forbid ip access 禁止用IP访问
    server{
listen 80;
server_name _;
return 404;
    }
    # dev server
    server{
listen 80; #监听正规的80端口
server_name www.domain.com;
        access_log /home/domain.com/dev/log/access.log main;
rails_env development; 
location ~ ^/(product|image|images)/ {
access_log off;
root /home/domain.com/dev/public;
expires 30d;
        }
location / {
root /home/domain.com/dev/public;
passenger_enabled on;
}
    }
    # ssl to server 配置转发
    upstream server {
        server 127.0.0.1:80;
    }
    # ssl for dev
    server{
listen 443; #监听 SSL端口
server_name www.domain.com;
access_log /home/domain.com/dev/log/ssl_access.log main;
ssl on;
ssl_certificate server.crt;
ssl_certificate_key server_nopassword.key;
        # 下面这堆都是抄的
location / {
proxy_pass  http://server; #把所有的请求转发给 server,看上面的配置
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect     off;
}
    }
}

只有注册用户登录后才能发表评论。


网站导航:
 

posts - 0, comments - 21, trackbacks - 0, articles - 101

Copyright © H2O