Page tree

如需转载请标注内容地址为: https://wiki.shileizcc.com/confluence/display/DOC/Docker+Nginx+Proxy

Skip to end of metadata
Go to start of metadata

请在使用站内资源的同时不要恶意进行爬取或倒链等行为,感谢支持!

Docker Nginx Proxy

Nginx 内网代理。

Dockerfile
FROM nginx:latest

COPY nginx.conf /etc/nginx/nginx.conf
COPY default.conf /etc/nginx/conf.d/default.conf
nginx.conf
user  nginx;

worker_processes  2;

worker_cpu_affinity auto;

worker_rlimit_nofile 65535;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
        use epoll;
        multi_accept on;
        worker_connections  65535;
}

http {
        include       mime.types;
        default_type  application/octet-stream;

        charset  UTF-8;

        server_names_hash_bucket_size 128;
        client_header_buffer_size 128k;
        large_client_header_buffers 8 128k;
        client_max_body_size 20g;

        sendfile        on;
        tcp_nopush     on;
        open_file_cache max=51200 inactive=20s;
        open_file_cache_valid 30s;
        open_file_cache_min_uses 1;

        keepalive_timeout  60;

        tcp_nodelay on;

        server_tokens off;

        fastcgi_connect_timeout 600;
        fastcgi_send_timeout 600;
        fastcgi_read_timeout 600;
        fastcgi_buffer_size 512k;
        fastcgi_buffers 16 256k;
        fastcgi_busy_buffers_size 512k;
        fastcgi_temp_file_write_size 512k;
        fastcgi_intercept_errors on;

        client_header_timeout  6m;
        client_body_timeout    6m;
        send_timeout           6m;
        connection_pool_size        256;
        request_pool_size        8k;
        output_buffers   8 64k;
        postpone_output  1460;
        client_body_buffer_size    1024k;

        gzip  on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.0;
        gzip_comp_level 3;
        gzip_proxied    any;
        gzip_types       text/plain application/x-javascript application/json text/css application/xml;
        gzip_vary on;

        proxy_connect_timeout       600;
        proxy_read_timeout          600;
        proxy_send_timeout          600;
        proxy_buffers               4 64k;
        proxy_busy_buffers_size     128k;
        proxy_temp_file_write_size  128k;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        proxy_ignore_client_abort on;
        proxy_next_upstream error;
        proxy_buffer_size 64k;
        proxy_temp_path   /tmp/nginx_proxy_temp;
        proxy_cache_path  /tmp/proxy_cps_cache levels=1:2 keys_zone=cache_cps:1024m inactive=2d max_size=8g;
        proxy_cache_path  /tmp/proxy_cpsSimhash_cache levels=1:2 keys_zone=cache_cpsSimhash:1024m inactive=2d max_size=8g;
        proxy_cache_path  /tmp/proxy_search_cache levels=1:2 keys_zone=cache_search:1024m inactive=2d max_size=8g;
        proxy_pass_header  Set-Cookie;

        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

        access_log  /var/log/nginx/access.log  main;

        include /etc/nginx/conf.d/*.conf;

}
default.conf
# proxy
server {
        listen 7979;

        # shaohk
        # allow 192.168.0.1/16;
        # deny all;

        # use dnsmasq, dont remove me, qianwenpin
        resolver 114.114.114.114;
        resolver_timeout 5s;

        location / {
                proxy_redirect off;

                if ($http_host = 10.100.2.12) {
                        return 403;
                }

                proxy_pass $scheme://$http_host$request_uri;

                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-NginX-Proxy true;
                add_header Access-Control-Allow-Origin *;
                add_header Access-Control-Allow-Headers X-Token;

                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
        }
}

启动如下:

$ docker run -d --name nginx-proxy -p 7979:7979 slzcc/nginx:proxy

文档创建于 最后一次更新于  , 文档当前的状态 正式版 , 当前编写页面的版本 V1.3.1 。

  • No labels