兰宝车间质量管理系统
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
疯狂的狮子li
2022-07-11 6c1e146bc17c51ed744aa289b20febe339703196 
 script/docker/nginx/nginx.conf


@@ -21,18 +21,18 @@




    access_log  /var/log/nginx/access.log  main;




   upstream server {


       ip_hash;


      server 172.30.0.60:8080;


      server 172.30.0.61:8080;


   }




    upstream monitor-admin {


        server 172.30.0.90:9090;


    upstream server {


        ip_hash;


        server 127.0.0.1:8080;


        server 127.0.0.1:8081;


    }




    upstream xxl-job-admin {


        server 172.30.0.92:9100;


    upstream monitor-admin {


        server 127.0.0.1:9090;


    }




    upstream xxljob-admin {


        server 127.0.0.1:9100;


    }




    server {


@@ -52,34 +52,55 @@


        #ssl_prefer_server_ciphers on;


        # https配置参考 end




      location / {


        # 演示环境配置 拦截除 GET POST 之外的所有请求


        # if ($request_method !~* GET|POST) {


        #     rewrite  ^/(.*)$  /403;


        # }




        # location = /403 {


        #     default_type application/json;


        #     return 200 '{"msg":"演示模式,不允许操作","code":500}';


        # }




        # 限制外网访问内网 actuator 相关路径


        location ~ ^(/[^/]*)?/actuator(/.*)?$ {


            return 403;


        }




        location / {


            root   /usr/share/nginx/html;


         try_files $uri $uri/ /index.html;


            try_files $uri $uri/ /index.html;


            index  index.html index.htm;


        }




      location /prod-api/ {


         proxy_set_header Host $http_host;


         proxy_set_header X-Real-IP $remote_addr;


         proxy_set_header REMOTE-HOST $remote_addr;


         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


         proxy_pass http://server/;


      }


        location /prod-api/ {


            proxy_set_header Host $http_host;


            proxy_set_header X-Real-IP $remote_addr;


            proxy_set_header REMOTE-HOST $remote_addr;


            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


            proxy_pass http://server/;


        }




      location /admin/ {


         proxy_set_header Host $http_host;


         proxy_set_header X-Real-IP $remote_addr;


         proxy_set_header REMOTE-HOST $remote_addr;


         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


         proxy_pass http://monitor-admin/admin/;


      }


        # https 会拦截内链所有的 http 请求 造成功能无法使用


        # 解决方案1 将 admin 服务 也配置成 https


        # 解决方案2 将菜单配置为外链访问 走独立页面 http 访问


        location /admin/ {


            proxy_set_header Host $http_host;


            proxy_set_header X-Real-IP $remote_addr;


            proxy_set_header REMOTE-HOST $remote_addr;


            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


            proxy_pass http://monitor-admin/admin/;


        }




        # https 会拦截内链所有的 http 请求 造成功能无法使用


        # 解决方案1 将 xxljob 服务 也配置成 https


        # 解决方案2 将菜单配置为外链访问 走独立页面 http 访问


        location /xxl-job-admin/ {


            proxy_set_header Host $http_host;


            proxy_set_header X-Real-IP $remote_addr;


            proxy_set_header REMOTE-HOST $remote_addr;


            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;


            proxy_pass http://xxl-job-admin/xxl-job-admin/;


            proxy_pass http://xxljob-admin/xxl-job-admin/;


        }




        error_page   500 502 503 504  /50x.html;