zeaslity/CmiiDeploy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add

Browse Source
This commit is contained in:
zeaslity
2024-10-30 16:30:51 +08:00
commit 437acbeb63
3363 changed files with 653948 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
2-生产环境4.0/负载均衡服务器/配置/131-nginx-conf.conf Normal file
View File

88
2-生产环境4.0/负载均衡服务器/配置/131-oss-nginx.conf Normal file
View File

@@ -0,0 +1,88 @@
upstream minio_prod {
server 192.168.148.139:39000;
server 192.168.148.137:39000;
server 192.168.148.140:39000;
}
server {
listen 443 ssl ;
#listen [::]:443 ssl ;
include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
#include /etc/nginx/conf.d/ssl_settings/error-template.conf;
server_name oss.uavcmlc.com ;
#add_header 'Access-Control-Allow-Origin' "www.uavcmlc.com";
location / {
#valid_referers none *.uavcmlc.com;
#if ($invalid_referer) {
# return 403;
#}
port_in_redirect off;
client_max_body_size 5120m;
proxy_connect_timeout 20s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 4 4k;
proxy_max_temp_file_size 1024m;
proxy_request_buffering on;
proxy_http_version 1.1;
proxy_cookie_domain off;
proxy_cookie_path off;
proxy_next_upstream error timeout;
proxy_next_upstream_timeout 0;
proxy_next_upstream_tries 3;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://minio_prod;
}
location /minio/ {
allow 112.19.8.120/29;
allow 183.220.149.16/28;
deny all;
proxy_pass http://minio_prod/minio/;
}
location /crossdomain.xml {
allow 112.19.8.120/29;
allow 183.220.149.16/28;
deny all;
}
error_page 404 /404.html;
}
server {
listen 443 ssl ;
listen [::]:443 ssl ;
include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
server_name soss.uavcmlc.com;
ignore_invalid_headers off;
proxy_buffering off;
client_max_body_size 1024m;
client_body_buffer_size 1024m;
sendfile on;
send_timeout 600;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 600;
types_hash_max_size 2048;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
proxy_pass http://192.168.148.141:9000;
}
}

105
2-生产环境4.0/负载均衡服务器/配置/131-web-nginx.conf Normal file
View File

@@ -0,0 +1,105 @@
server {
listen 443 ssl ;
listen [::]:443 ssl ;
include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
include /etc/nginx/conf.d/ssl_settings/error-template.conf;
server_name uavcmlc.com;
rewrite ^(.*)$ https://www.uavcmlc.com:443$1 permanent;
error_page 497 301 https://www.uavcmlc.com:443$1;
}
upstream k8s_cluster {
ip_hash;
server 192.168.148.130:30500;
server 192.168.148.160:30500;
server 192.168.148.161:30500;
server 192.168.148.162:30500;
}
server {
listen 443 ssl backlog=1024;
listen [::]:443 ssl backlog=1024;
include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
include /etc/nginx/conf.d/ssl_settings/error-template.conf;
server_name www.uavcmlc.com s.uavcmlc.com;
location / {
proxy_pass http://k8s_cluster/;
client_max_body_size 5120m;
client_body_buffer_size 5120m;
client_body_timeout 6000s;
proxy_send_timeout 10000s;
proxy_read_timeout 10000s;
proxy_connect_timeout 600s;
proxy_max_temp_file_size 5120m;
proxy_request_buffering on;
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 4 12k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ~ ^/.*/(actuator|swagger-resources|api-docs|env|ping|health)(/|$) {
return 403;
}
error_page 404 /404.html;
}
server {
listen 443 ssl ;
listen [::]:443 ssl ;
include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
include /etc/nginx/conf.d/ssl_settings/error-template.conf;
#add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
server_name live.uavcmlc.com;
proxy_ignore_client_abort on;
location / {
proxy_pass http://192.168.148.130:30080/;
}
location /api/ {
allow 112.19.8.120/29;
allow 183.220.149.16/28;
deny all;
proxy_pass http://192.168.148.130:30985/api/;
}
location /console/ {
return 403;
}
location /rtc/v1/ {
proxy_pass http://192.168.148.130:30985/rtc/v1/;
}
location /api/hubs/live/ {
proxy_set_header Host "live-op.uavcmlc.com";
proxy_pass http://k8s_cluster/api/hubs/live/;
}
error_page 404 /404.html;
}
server {
listen 443 ssl ;
listen [::]:443 ssl ;
include /etc/nginx/conf.d/ssl_settings/ssl-x-uavcmlc.conf;
server_name slive.uavcmlc.com;
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
#proxy_ignore_client_abort on;
location / {
proxy_pass http://k8s_cluster/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_pass http://192.168.148.130:38080/;
}
}