「备份」Gravatar Nginx 反代

Nginx 配置

vi /usr/local/nginx/conf/nginx.conf

查找 #limit_conn_zone $binary_remote_addr zone=perip:10m;

在前面加入以下内容:

client_body_buffer_size 512k;
proxy_connect_timeout 5;
proxy_read_timeout 60;
proxy_send_timeout 5;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
proxy_temp_path /home/cache/temp;

# 配置临时目录
proxy_cache_path /home/cache/path levels=1:2 keys_zone=cache:20m inactive=30d max_size=600m;
#20m是内存占用,30d是30天无访问删除,600m是缓存占具硬盘空间,cache为缓存区名字.

创建缓存目录,并赋予权限

mkdir /home/cache/path -p
mkdir /home/cache/temp
chmod 755 -R /home/cache

虚拟主机配置文件

vi /usr/local/nginx/conf/vhost/gravatar.inwao.com.conf

完整配置:

server{
listen 80;
listen 443 ssl;
server{
listen 80;
listen 443 ssl;
ssl_certificate /usr/ssl/gravatar.inwao.com.crt;
ssl_certificate_key /usr/ssl/gravatar.inwao.com.key;
ssl_session_timeout 10m;
ssl_protocols TLSv1.2 TLSv1.3;
#ssl_stapling on;
#ssl_stapling_verify on;
ssl_session_tickets on;
ssl_early_data on;
ssl_prefer_server_ciphers on;
ssl_ciphers "TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
server_name gravatar.inwao.com;
access_log /home/wwwlogs/gravatar.inwao.com.log;
if ($ssl_protocol = "") { return 301 https://$host$request_uri; }
if ($host != gravatar.inwao.com) {
rewrite ^/(.*)$ $scheme://gravatar.inwao.com/$1 permanent;
}
location / {
proxy_cache cache;
proxy_cache_valid 200 304 7d;
proxy_cache_valid any 10s;
proxy_cache_key "$scheme$host$request_uri";
expires 10d;
proxy_pass https://secure.gravatar.com;
#subs_filter secure.gravatar.com gravatar.inwao.com gi;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#向后端传递访客ip
#limit_conn one 20;
#limit_rate 200k;
#20为单ip连接数,200k为单ip连接速度,若要开启请去掉#
}

火币注册
评论 (2)
  1. avatar
    沙发
    简单生活 2021-03-06 13:06

    学习了,有时间我来试试!