Ecs nginx.conf nogoproxy

来自ling
跳转至: 导航搜索
tee /alidata/dockerdata/nginx/conf/nginx.conf <<-'EOF'
#user  nobody;
worker_processes  1;
 
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
 
#pid        logs/nginx.pid;
 
 
events {
    worker_connections  1024;
}
 
stream {
    upstream kafka {
       server surface.ling2.cn:9092;
    }
    upstream mysql_surface{
       server surface.ling2.cn:3306;
    }
    upstream postgresql{
       server surface.ling2.cn:5432;
    }
    upstream gitlab{
       server surface.ling2.cn:10022;
    }
    upstream jenkins{
       server surface.ling2.cn:50000;
    }
    upstream oracle{
       server surface.ling2.cn:1521;
    }
    upstream zookeeper{
       server surface.ling2.cn:2181;
    }
    upstream redis{
       server surface.ling2.cn:6379;
    }
    upstream rabbitmq{
       server surface.ling2.cn:5672;
    }
    upstream elasticsearch1{
       server surface.ling2.cn:9200;
    }
    upstream elasticsearch2{
       server surface.ling2.cn:9300;
    }
    upstream mongodb{
       server surface.ling2.cn:27017;
    }
    server {
        listen 9092;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass kafka;
    }
    server {
        listen 3307;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass mysql_surface;
    }
    server {
        listen 10022;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass gitlab;
    }
    server {
        listen 50000;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass jenkins;
    }
#    server {
#        listen 2181;
#        proxy_connect_timeout 1s;
#        proxy_timeout 3s;
#        proxy_pass zookeeper;
#    }
#    server {
#        listen 6379;
#        proxy_connect_timeout 1s;
#        proxy_timeout 3s;
#        proxy_pass redis;
#    }
#    server {
#        listen 5672;
#        proxy_connect_timeout 1s;
#        proxy_timeout 3s;
#        proxy_pass rabbitmq;
#    }
    server {
        listen 9200;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass elasticsearch1;
    }
    server {
        listen 9300;
        proxy_connect_timeout 1s;
        proxy_timeout 3s;
        proxy_pass elasticsearch2;
    }
#    server {
#        listen 27017;
#        proxy_connect_timeout 1s;
#        proxy_timeout 3s;
#        proxy_pass mongodb;
#    }
    server {
        listen 1521 so_keepalive=on;
        proxy_pass oracle;
    }
}
http {
    include       mime.types;
    default_type  application/octet-stream;
 
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
 
    #access_log  logs/access.log  main;
 
    sendfile        on;
    #tcp_nopush     on;
 
    #keepalive_timeout  0;
    keepalive_timeout  65;
 
    #gzip  on;
 
    server {
        listen       80;
        listen       443 ssl;
        server_name  wiki.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://localhost:73/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  zookeeper.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:64/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  nexus.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:74/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  docker.ling2.cn;
        client_max_body_size 0; # disable any limits to avoid HTTP 413 for large image uploads
        chunked_transfer_encoding on;# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:8889/;
          proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
          proxy_redirect off;
          proxy_buffering off;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m; 
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  rabbitmq.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:78/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  mantis.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://127.0.0.1:69/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  gitlab.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:70/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  gitlabssh.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:10022/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  jenkins.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:71/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  kafka.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:72/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  mongo.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://127.0.0.1:76/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  opencron.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:68/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  kibana.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:75/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  zipkin.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:63/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  oracle.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:65/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  explorer.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:62/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  sonar.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:61/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  onlyoffice.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:60/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  mail.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://127.0.0.1:58/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  docservice.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:59/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
    server {
        listen       80;
        listen       443 ssl;
        server_name  webman.ling2.cn;
 
        charset utf-8;
 
        location / {
          proxy_pass http://surface.ling2.cn:5000/;
          proxy_set_header   Host             $host;
          proxy_set_header   X-Real-IP        $remote_addr;
          proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          client_max_body_size    1000m;
        }
        ssl_certificate      /etc/letsencrypt/live/wiki.ling2.cn/fullchain.pem;
        ssl_certificate_key  /etc/letsencrypt/live/wiki.ling2.cn/privkey.pem;
    }
}
EOF

备份

    upstream SMTP{
       server surface.ling2.cn:25;
    }
    upstream POP2{
       server surface.ling2.cn:109;
    }
    upstream POP3{
       server surface.ling2.cn:110;
    }
    upstream IMAP{
       server surface.ling2.cn:143;
    }
    upstream SMTPS{
       server surface.ling2.cn:465;
    }
    upstream POP3S{
       server surface.ling2.cn:995;
    }
    upstream IMAPS{
       server surface.ling2.cn:993;
    }
    upstream TLS{
       server surface.ling2.cn:587;
    }
server {
        listen 25;
        proxy_pass SMTP;
    }
    server {
        listen 109;
        proxy_pass POP2;
    }
    server {
        listen 110;
        proxy_pass POP3;
    }
    server {
        listen 143;
        proxy_pass IMAP;
    }
    server {
        listen 995;
        proxy_pass POP3S;
    }
    server {
        listen 993;
        proxy_pass IMAPS;
    }
    server {
        listen 587;
        proxy_pass TLS;
    }