Linux

我能否獲得有關我的 nginx 配置的建議(作為 Jira 和 Confluence 前面的代理)?

  • March 20, 2010

我想知道是否可以就我的 nginx 配置獲得一些建議。配置似乎正在工作,但我不確定我是否正確地做所有事情。基本思想是在同一台機器上執行 Jira 和 Confluence 伺服器(在不同的 Tomcat 實例中),前面有 nginx 來處理兩者的 SSL。我只希望與 Jira/Confluence 建立 SSL 連接。Jira 在 127.0.0.1:9090 上執行,Confluence 在 127.0.0.1:8080 上執行。這是我的 nginx.conf,任何建議或提示將不勝感激。

user              nginx;
worker_processes  1;

error_log         /var/log/nginx/error.log;
pid               /var/run/nginx.pid;

events {
   worker_connections  1024;
}


http {

   include       /etc/nginx/mime.types;
   default_type  application/octet-stream;

   log_format  main  '$remote_addr - $remote_user [$time_local] $request '
                     '"$status" $body_bytes_sent "$http_referer" '
                     '"$http_user_agent" "$http_x_forwarded_for"';

   access_log  /var/log/nginx/access.log  main;

   sendfile        on;
   #tcp_nopush     on;

   #keepalive_timeout  0;
   keepalive_timeout  65;

   #gzip  on;

   # Load config files from the /etc/nginx/conf.d directory
   include /etc/nginx/conf.d/*.conf;

   # Our self-signed cert
   ssl_certificate     /etc/ssl/certs/fissl.crt;
   ssl_certificate_key /etc/ssl/private/fissl.key;

   # redirect non-ssl Confluence to ssl
   server {
       listen 80;
       server_name  confluence.example.com;
       rewrite ^(.*) https://confluence.example.com$1 permanent;
   }

   # redirect non-ssl Jira to ssl
   server {
       listen 80;
       server_name  jira.example.com;
       rewrite ^(.*) https://jira.example.com$1 permanent;
   }

   #
   # The Confluence server
   #
   server {
       listen       443;
       server_name  confluence.example.com;

       ssl on;

       access_log  /var/log/nginx/confluence.access.log  main;
       error_log   /var/log/nginx/confluence.error.log;

       location / {
           proxy_pass http://127.0.0.1:8080;
           proxy_set_header X-Forwarded-Proto  https;
           proxy_set_header Host $http_host;            
       }

       error_page  404              /404.html;
       location = /404.html {
          root   /usr/share/nginx/html;
       }

       redirect server error pages to the static page /50x.html

       error_page   500 502 503 504  /50x.html;
       location = /50x.html {
          root   /usr/share/nginx/html;
       }

   }

   #
   # The Jira server
   #
   server {
       listen       443;
       server_name  jira.example.com;

       ssl on;

       access_log  /var/log/nginx/jira.access.log  main;
       error_log   /var/log/nginx/jira.error.log;

       location / {
           proxy_pass http://127.0.0.1:9090/;
           proxy_set_header X-Forwarded-Proto  https;
           proxy_set_header Host $http_host;
       }

       error_page  404              /404.html;
       location = /404.html {
           root   /usr/share/nginx/html;
       }

       # redirect server error pages to the static page /50x.html
       #
       error_page   500 502 503 504  /50x.html;
       location = /50x.html {
           root   /usr/share/nginx/html;
       }

   }
}

看起來不錯,但是,如果您直接從 nginx 提供靜態文件(圖像、css 等)而不是將其代理到 tomcat,您可能會獲得更好的性能。

引用自:https://serverfault.com/questions/118592

相關問答

Nginx

使用 Nginx 作為反向代理的 Tomcat 應用程序 (JIRA) 的基本身份驗證

  • October 21, 2019
檢視問答
Nginx

Nginx 多個網站背後的不同域路徑

  • June 17, 2013
檢視問答
Linux

NGINX 沒有一致地設置 Cache-Control 標頭

  • September 22, 2022
檢視問答
Linux

無法在 nginx 上通過 webdav 登錄

  • April 7, 2022
檢視問答
Linux

根據流量或請求的百分比對 HTTP 進行負載平衡?

  • April 1, 2022
檢視問答
Linux

當 Firewalld 執行時,Keepalived 腦裂

  • March 28, 2022
檢視問答