由于涉及到h5与后端交互，跨域问题，所以公司的开放测试服务器让我们自己搞nginx。顺便提升一下nginx的实践。
　　nginx的安装，没什么难度了，百度一堆，如果源码安装就一步步来吧。（最简单的方式：yum install nginx (centos)， apt-get install nginx(ubuntu)）
　　nginx.conf，作为最外层的配置文件，主要设置一些基础的配置就好了，如内存配置，日志格式配置，线程配置等，最后使用一个include conf.d/* 将其他配置文件包含进来即可。
　　【nginx.conf 基础配置】
user  nginx;
worker_processes  auto;
error_log  /data/var/log/nginx/error.log debug;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
worker_connections  1024;
}
# load modules compiled as Dynamic Shared Object (DSO)
#
#dso {
#    load ngx_http_fastcgi_module.so;
#    load ngx_http_rewrite_module.so;
#}
http {
include       mime.types;
default_type  application/octet-stream;
autoindex off;
server_tokens off;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 20m;
client_body_buffer_size 256k;
sendfile on;
tcp_nopush     on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 128k;
fastcgi_buffers 32 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
gzip  on;
gzip_disable "msie6";
gzip_vary on;
gzip_comp_level 2;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_types text/plain application/x-javascript text/css application/xml application/javascript;
log_format main '$request_time $upstream_response_time $remote_addr - $upstream_addr [$time_local] '
'"$host" "$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" "$gzip_ratio" "$http_x_forwarded_for" - "$server_addr" ';
access_log /data/var/log/nginx/access.log main;
include conf.d/*.conf;
}
　　【conf.d/*， 具体的域名配置，http://】
upstream 3ctest_x123_com {
server 192.168.1.103:81;
keepalive 8;
}
upstream mytest_x123_com {
server 192.168.1.103:80;
keepalive 8;
}
upstream 3capi_x123_com {
server 192.168.1.103:9002;
keepalive 8;
}
upstream yhapi_x123_com {
server 192.168.1.103:8089;
keepalive 8;
}
server {
listen 80;
server_name 3ctest.x123.com;
location / {
proxy_pass http://3ctest_x123_com;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 60;
proxy_read_timeout 600;
proxy_send_timeout 600;
}
}
server {
listen 80;
server_name mytest.x123.com;
location / {
proxy_pass http://mytest_x123_com;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 60;
proxy_read_timeout 600;
proxy_send_timeout 600;
}
}
server {
listen 80;
server_name 3capi.x123.com;
location / {
proxy_pass http://3capi_x123_com;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 60;
proxy_read_timeout 600;
proxy_send_timeout 600;
}
}
server {
listen 80;
server_name yhapi.x123.com;
location / {
proxy_pass http://yhapi_x123_com;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 60;
proxy_read_timeout 600;
proxy_send_timeout 600;
}
}
server {
listen 80;
server_name 192.168.1.22;
location / {
proxy_pass http://192.168.1.22;
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 60;
proxy_read_timeout 600;
proxy_send_timeout 600;
}
}
upstream 192.168.1.22 {
server 192.168.1.22:88;
keepalive 8;
}
　　【Https:// 配置】
server {
listen       443 ssl;
server_name  wx.mysite1.com;
ssl         on;
ssl_certificate /etc/nginx/conf.d/ssl/mysite1.crt;
ssl_certificate_key /etc/nginx/conf.d/ssl/mysite1.key;
ssl_session_cache shared:SSL:200m;
ssl_session_timeout 20m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
location / {
#proxy_set_header    Host              $http_host;
#proxy_set_header Host $http_host;
#proxy_set_header X-Forwarded-For $remote_addr;
# online
#proxy_redirect      http://192.168.1.22/  http://$http_host/;
#proxy_pass          http://shmc.mysite1.com;
#proxy_pass          http://192.168.1.22/;
#index index.html;
#root /data/www/;
#       if ( $cookie_COOKIE ~* "(.*)$") {
#                set $all_cookie $1;
#        }
#        proxy_set_header Cookie "$http_cookie; node_id=018";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
add_header Access-Control-Allow-Origin *;
proxy_pass          http://192.168.1.22;
proxy_redirect off;
}
}
server {
listen       80;
server_name  wx.mysite1.com;
location / {
proxy_set_header    Host              $host;
# online
#proxy_redirect      http://192.168.1.22/  http://$http_host/;
#proxy_pass          http://shmc.mysite1.com;
proxy_pass          http://192.168.1.22/;
#index index.html;
#root /data/www/;
}
}
　　如上参考，应该可以解决大部分配置情况。
　　需要注意的是，nginx作为反向代理服务器，很多变量需要作特别转发，如ip地址，有问题可以先查看日志，如果语法错误，则不会被保存，这个比较好！
　　nginx作为负载均衡的重要软件，略加掌握总归是好的吧。
　　其实也不难，但是没有实战的谈话总是显得苍白无力！要做到好也不简单，一个简单的优化，可以让你的用户体验更好，服务器利用率更高，有得搞！