upstream scm-app { server scm-server:8091 max_fails=5 fail_timeout=10s weight=1; keepalive 100; } server { listen 80 default_server; listen 443 ssl default_server; server_name _; ssl_certificate /etc/nginx/conf.d/scs1693214452600__.cdshell.com_server.crt; ssl_certificate_key /etc/nginx/conf.d/scs1693214452600__.cdshell.com_server.key; return 403; } server { listen 443 ssl; server_name scm.cdshell.com; #ssl证书的crt文件路径 ssl_certificate /etc/nginx/conf.d/scs1693214452600__.cdshell.com_server.crt; #ssl证书的key文件路径 ssl_certificate_key /etc/nginx/conf.d/scs1693214452600__.cdshell.com_server.key; #ssl_session_timeout 5m; #ssl_verify_client off; # ssl_prefer_server_ciphers on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; #charset koi8-r; #access_log /var/log/nginx/host.access.log main; client_header_buffer_size 32k; #上传文件大小限制 large_client_header_buffers 4 64k; #设定请求缓 client_max_body_size 8m; #设定请求缓 location / { root /usr/share/nginx/html; index index.html index.htm; } location /scm/ { proxy_pass http://scm-app/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} }