upstream space.two.cn {
ip_hash;
#ip hash:每个请求按访问ip的hash结果分配,这样每个访客固定访问一个后端服务器,可以解决session的问题。
server 172.18.3.153:8077;
}
server {
listen 80;
server_name space.twocloud.cn;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
listen 443;
server_name space.otwo.cn;
ssl on;
ssl_certificate /home/clouder/vs/program/nginx/conf/ssl_key/twocloud.crt;
ssl_certificate_key /home/clouder/vs/program/nginx/conf/ssl_key/twocloud.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;
location / {
proxy_pass http://space.twocloud.cn;
client_max_body_size 100m;
root html;
index index.html index.htm;
if ($ip_whitelist = 1) {
break;
}
return 403;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}