user root; worker_processes 2; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; pid logs/nginx.pid; events { worker_connections 1024; } stream { server { listen 9092; proxy_pass kafka_backend; } upstream kafka_backend { server 172.20.0.248:9092; } server { listen 2181; proxy_pass zookeeper_backend; } upstream zookeeper_backend { server 172.20.0.248:2181; } } http { include mime.types; default_type application/octet-stream; map $http_upgrade $connection_upgrade { default upgrade; '' close; } #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; underscores_in_headers on; #keepalive_timeout 0; keepalive_timeout 65; gzip on; gzip_comp_level 3; gzip_disable "MSIE [1-6]\."; gzip_vary on; server { #测试环境jenkins server_name jenkins.te.baibaodun.com.cn; location / { proxy_pass http://172.20.0.215:8080; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/jenkins.te.baibaodun.com.cn-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/jenkins.te.baibaodun.com.cn-0001/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { #测试环境jenkins listen 9031; server_name _; location /center/login { proxy_pass http://172.20.0.48:8001/center; } #listen 443 ssl; # managed by Certbot #ssl_certificate /etc/letsencrypt/live/jenkins.te.baibaodun.com.cn-0001/fullchain.pem; # managed by Certbot #ssl_certificate_key /etc/letsencrypt/live/jenkins.te.baibaodun.com.cn-0001/privkey.pem; # managed by Certbot #include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { #海康 listen 88; server_name 127.0.0.1; location / { proxy_pass https://172.20.0.63:8001/center; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } } upstream dispatch-backend-server { server 172.20.0.227:8082; server 172.20.0.227:8083; } server { #测试-企业端 listen 443 ssl; # managed by Certbot listen 80; server_name v5qy.te.baibaodun.com.cn; #add_header Access-Control-Allow-Origin *; #add_header Access-Control-Allow-Methods 'GET,POST,DELETE,PUT,OPTIONS'; #add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization'; proxy_buffer_size 1024k; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; client_max_body_size 50M; large_client_header_buffers 4 16k; client_body_buffer_size 158k; client_header_timeout 150; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location / { root /data/workspace/badp-bcxin-web-5.x-static/static; index index.html; } #百度智能云 location /bdapi/ { rewrite ^/bdapi(/.*)$ $1 break; proxy_pass https://aip.baidubce.com:443; proxy_set_header Host aip.baidubce.com; resolver 8.8.8.8 ipv6=off; add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Methods 'GET,POST,DELETE,PUT,OPTIONS'; add_header Access-Control-Allow-Header '*'; add_header Access-Control-Allow-Credentials 'true'; } #V5转发,用于第三方平台系统 location /v5api/ { rewrite ^/v5api(/.*)$ $1 break; proxy_pass https://v5qy.te.baibaodun.com.cn; } #小程序业务域名 location ~* \.txt$ { root /data/workspace/badp-bcxin-web-5.x-static/beian; try_files $uri =404; default_type text/plain; } location /static { # if ($request_uri = /static) { # rewrite ^/(.*)$ https://v5qy.te.baibaodun.com.cn/$1 permanent; # } alias /data/workspace/badp-bcxin-web-5.x-static/static; index index.html; } location /static/signon/staffMobile { alias /data/workspace/badp-bcxin-web-5.x-static/static/signon/staffMobile; index index.html; } location /static/signon/staff { alias /data/workspace/badp-bcxin-web-5.x-static/staff; index index.html; } #kms前端pc location /static/kms { alias /data/workspace/badp-bcxin-web-5.x-static/kms; index index.html; } #kms前端phone location /static/kmsphone { alias /data/workspace/badp-bcxin-web-5.x-static/kmsphone; index index.html; } #可视化大屏 location /static/kshdp/ { alias /data/workspace/badp-bcxin-web-5.x-static/kshdp/; try_files $uri $uri/ /static/kshdp/index.html; } location /static/mobile { alias /data/workspace/badp-bcxin-web-5.x-static/badp-bcxin-web-5.x-mobile; index index.html; } location /static/portal/vue { alias /data/workspace/badp-bcxin-web-5.x-static/badp-bcxin-web-5.x-vue; index index.html; } location /static/signon/access { alias /data/workspace/badp-bcxin-web-5.x-static/access; index index.html; } location /static/signon/dispatchVue { alias /data/workspace/badp-bcxin-web-5.x-static/dispatchVue; index index.html; } location /flighting { proxy_pass http://218.108.76.202:37080/; } location /v3/salary { proxy_pass http://172.20.0.160:8081/v3/salary; } #可视化大屏后端 location /prod-api/ { proxy_pass http://172.20.0.160:9712/; rewrite ^/prod-api/(.*) /$1 break; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Cookie $http_cookie; add_header 'Access-Control-Allow-Origin' "https://your-domain.com" always; add_header 'Access-Control-Allow-Credentials' 'true' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,Content-Type,Authorization' always; if ($request_method = 'OPTIONS') { return 204; } } location /ihr/open { proxy_pass http://172.20.0.7:21001/open; } location /fdd/sign-task { proxy_pass http://172.20.0.160:22001/api/fdd/sign-task; } location /v1 { proxy_pass http://117.78.37.88:18080; } location /IMAudio { proxy_pass https://cos.ap-shanghai.myqcloud.com; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass_header Server; } location /obpm { proxy_pass http://172.20.0.160:9090/obpm; proxy_buffer_size 1024k; fastcgi_connect_timeout 600s; fastcgi_send_timeout 600s; fastcgi_read_timeout 600s; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; } location /email { proxy_pass http://172.20.0.160:9090/email; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } location /kms { proxy_pass http://172.20.0.160:9090/kms; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } location /message { proxy_pass http://172.20.0.160:9090/message; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } location /designer { proxy_pass http://172.20.0.160:9001/designer; proxy_buffer_size 10240k; proxy_buffers 16 10240k; proxy_busy_buffers_size 20480k; proxy_temp_file_write_size 20480k; } location /gateway { proxy_pass http://172.20.0.160:9090; proxy_buffer_size 1024k; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; } location /v3{ proxy_pass http://172.20.0.160:8180/v3; } location /v3/shared{ proxy_pass http://172.20.0.160:8182/v3/shared; } location /pttApi { proxy_pass http://49.4.21.141:50001/gis; #proxy_pass http://gis.baibaodun.cn:50001/gis; } location /sync/api { proxy_pass http://172.20.0.7:21002/api; } location /sync/oauth { proxy_pass http://172.20.0.7:21002/oauth; } location /sync/user { proxy_pass http://172.20.0.7:21002/user; } location /login { proxy_pass http://172.20.0.7:21002/login; } #/ComServiceApi/ 代理公共服务接口 location /ComServiceApi/ { #proxy_pass http://attends.test.baibaodun.cn/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://172.20.0.7:7080/; } #事件流配置项目 location /job-web { proxy_pass http://220.243.137.100:9090/job-web; } #防控指挥项目 location /dispatch { #proxy_pass http://172.20.0.227:8082/dispatch; proxy_pass http://dispatch-backend-server/dispatch; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; add_header x-cus-upstream-Server $upstream_addr; client_max_body_size 50M; } location /v2/dispatch { proxy_pass http://172.20.0.227:8082/dispatch; } # 行政oa location /personnel-oa { proxy_pass http://172.20.0.7:16001; add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Methods 'GET,POST,DELETE,PUT,OPTIONS'; add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization'; proxy_buffer_size 1024k; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; } ssl_certificate /etc/letsencrypt/live/v5qy.te.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/v5qy.te.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { listen 443 ssl; server_name sync.baibaodun.cn; location / { proxy_pass http://172.20.0.7:21002; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } ssl_certificate /etc/letsencrypt/live/sync.baibaodun.cn/baibaodun.cn.pem; # 替换为您的证书文件路径 ssl_certificate_key /etc/letsencrypt/live/sync.baibaodun.cn/baibaodun.cn.key; } server { #测试-监管内网端 listen 80; listen 443 ssl; # managed by Certbot server_name v5in.te.baibaodun.com.cn; ssl_certificate /etc/letsencrypt/live/v5in.te.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/v5in.te.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Methods 'GET,POST,DELETE,PUT,OPTIONS'; add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization'; proxy_buffer_size 1024k; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; client_max_body_size 100M; large_client_header_buffers 4 16k; client_body_buffer_size 158k; client_header_timeout 150; location / { root /data/workspace/badp-bcxin-web-5.x-static/static; index index.html; } location /static { alias /data/workspace/badp-bcxin-web-5.x-static/static; index index.html; } location /obpm { proxy_pass http://172.20.0.248:9090/obpm; proxy_buffer_size 1024k; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; } location /email { proxy_pass http://172.20.0.248:9090/email; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } location /kms { proxy_pass http://172.20.0.248:9090/kms; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } location /message { proxy_pass http://172.20.0.248:9090/message; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } location /designer { proxy_pass http://172.20.0.248:19092/designer; proxy_buffer_size 10240k; proxy_buffers 16 10240k; proxy_busy_buffers_size 20480k; proxy_temp_file_write_size 20480k; } location /gateway { proxy_pass http://172.20.0.248:9090; proxy_buffer_size 1024k; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; } location /v3{ proxy_pass http://172.20.0.248:8180/v3; } location /v3/shared{ proxy_pass http://172.20.0.248:8182/v3/shared; } location /shopping{ proxy_pass http://172.20.0.248:40000; } location /static/portal/vue { alias /data/workspace/badp-bcxin-web-5.x-static/badp-bcxin-web-5.x-vue; index index.html; } } server { #IM前端 server_name testim.baibaodun.com.cn; root /data/workspace/badp-bcxin-web-5.x-static/static/im-web/; location / { index index.html index.htm; try_files $uri $uri/ /index.html; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/testim.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/testim.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { # 百保盾商城商户端 server_name mer.ws.baibaodun.com.cn; root /data/workspace/mer.ws.baibaodun.com.cn/; location / { try_files $uri $uri/ /index.html; } location /crmebimage { proxy_pass http://172.20.0.7:40000; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /doc.html { proxy_pass http://172.20.0.7:40001; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /api { client_max_body_size 1024m; proxy_buffer_size 1024k; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; client_body_buffer_size 158k; proxy_pass http://172.20.0.7:40000; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mer.ws.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mer.ws.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { # 百保盾商城平台端 server_name admin.ws.baibaodun.com.cn; root /data/workspace/admin.ws.baibaodun.com.cn; location / { try_files $uri $uri/ /index.html; } client_max_body_size 1024m; listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/pay.ws.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/pay.ws.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot location /api { proxy_pass http://172.20.0.7:40000; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /crmebimage { proxy_pass http://172.20.0.7:40000; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /doc.html { proxy_pass http://172.20.0.7:40000; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { # 百保盾前端 server_name front.ws.baibaodun.com.cn; location / { proxy_pass http://172.20.0.7:40001; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/front.ws.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/front.ws.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { # 签章前端开源 listen 80; server_name qianzhang.test.baibaodun.cn; root /data/workspace/qianzhang; location / { index index.html index.htm; try_files $uri $uri/ /index.html; } } server { # 百保盾PC商城,用户中心--前端项目 server_name shop.ws.baibaodun.com.cn; root /data/workspace/shop.ws.baibaodun.com.cn; location / { index index.html index.htm; try_files $uri $uri/ /index.html; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/shop.ws.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/shop.ws.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot client_max_body_size 10m; location /api { proxy_pass http://172.20.0.7:40001; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /crmebimage { proxy_pass http://172.20.0.7:40000; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /doc.html { proxy_pass http://172.20.0.7:40001; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } #测试百课堂h5 server { listen 80; server_name te.bktang.cn; root /data/workspace/te.bktang.cn/web; location / { try_files $uri $uri/ /index.html; } } server { #商城uniapp-h5端 server_name h5shop.ws.baibaodun.com.cn; client_max_body_size 20M; location / { root /data/workspace/h5shop.ws.baibaodun.com.cn; index index.html index.htm; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/h5shop.ws.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/h5shop.ws.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { #调度大屏 listen 80; listen 443 ssl; server_name diaodudaping.ws.baibaodun.com.cn; ssl_certificate /etc/letsencrypt/live/diaodudaping.ws.baibaodun.com.cn/cert.pem; ssl_certificate_key /etc/letsencrypt/live/diaodudaping.ws.baibaodun.com.cn/key.pem; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; location / { root /data/workspace/dispatch; index index.html index.htm; client_max_body_size 10m; } location /magic/ { proxy_pass http://172.20.0.7:9999/magic/; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } location /screen/ { proxy_pass http://172.20.0.7:9999/screen/; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET,POST,DELETE,PUT,OPTIONS'; add_header 'Access-Control-Allow-Header' 'Content-Type,*'; } location /dispatch/ { proxy_pass http://172.20.0.7:9999/dispatch/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { #商城pc用户端 server_name usershop.ws.baibaodun.com.cn; location / { root /data/workspace/usershop.ws.baibaodun.com.cn/; try_files $uri $uri/ /index.html; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/usershop.ws.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/usershop.ws.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { # 百保盾PC企业钱包--前端项目 server_name pay.ws.baibaodun.com.cn; root /data/workspace/pay.ws.baibaodun.com.cn; location / { index index.html index.htm; try_files $uri $uri/ /index.html; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/pay.ws.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/pay.ws.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot location /api { proxy_pass http://172.20.0.7:40001; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } # 百联保 server { server_name blb.test.bcxin.com.cn; location / { proxy_pass http://172.20.0.7:8083; } #如果抓取的 UA 中含有 spider 或 bot 时返回 403 if ($http_user_agent ~* "spider|bot") { return 403; #如果是删除已收录的,则可以返回 404 break; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/blb.test.bcxin.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/blb.test.bcxin.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } upstream blbyt.test.bcxin.com.cn { server 172.20.0.7:8083; } # 亚太 server { server_name blbyt.test.bcxin.com.cn; location / { proxy_pass http://blbyt.test.bcxin.com.cn; index index.html index.htm; client_max_body_size 100m; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } location = /error.png { root html; } #如果抓取的 UA 中含有 spider 或 bot 时返回 403 if ($http_user_agent ~* "spider|bot") { return 403; #如果是删除已收录的,则可以返回 404 break; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/blbyt.test.bcxin.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/blbyt.test.bcxin.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } upstream blbzj.test.bcxin.com.cn { server 172.20.0.7:8083; } server { server_name blbzj.test.bcxin.com.cn; location / { proxy_pass http://blbzj.test.bcxin.com.cn; index index.html index.htm; client_max_body_size 10m; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/blbzj.test.bcxin.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/blbzj.test.bcxin.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # 业务支撑 server { server_name support.test.bcxin.com.cn; listen 80; location / { proxy_pass http://172.20.0.7:40017/; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } #探勘服务 server { server_name takan.test.pss360.cn; client_max_body_size 20m; location / { proxy_pass http://172.20.0.7:40030/; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/takan.test.pss360.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/takan.test.pss360.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # 公共服务 server { server_name identify.test.bcxin.com.cn; #server_name identify.te.baibaodun.com.cn; client_max_body_size 220m; #location /identify/api/common/{ # proxy_pass http://172.20.0.7:8886; #} location / { proxy_pass http://172.20.0.7:40016; } proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/identify.test.bcxin.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/identify.test.bcxin.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot # listen 80; # listen 443 ssl; # managed by Certbot # ssl_certificate /etc/letsencrypt/live/identify.te.baibaodun.com.cn/fullchain.pem; # managed by Certbot # ssl_certificate_key /etc/letsencrypt/live/identify.te.baibaodun.com.cn/privkey.pem; # managed by Certbot # include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { #申报系统 server_name out.test.pss360.cn; client_max_body_size 20m; location / { proxy_pass http://172.20.0.7:40007/; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/out.test.pss360.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/out.test.pss360.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { # 陕西bbd外网接口 server_name outsnbbd.test.baibaodun.cn; client_max_body_size 20m; location / { proxy_pass http://172.20.0.7:40015; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/outsnbbd.test.baibaodun.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/outsnbbd.test.baibaodun.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { #陕西bbd内网接口 server_name insnbbd.test.baibaodun.cn; client_max_body_size 20m; location / { proxy_pass http://172.20.0.7:40018; } listen 80; } #server { #bcx—fdd # listen 80; # server_name test-fdd.baibaodun.cn; # client_max_body_size 20m; # # location / { # proxy_pass http://172.20.0.160:22001; # } # #} server { #审批系统 server_name in.test.pss360.cn; client_max_body_size 20m; location / { proxy_pass http://172.20.0.7:40005/; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/in.test.pss360.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/in.test.pss360.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } #e站风评系统 server { server_name estand.test.pss360.cn; client_max_body_size 20m; location / { proxy_pass http://172.20.0.7:4858/; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/estand.test.pss360.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/estand.test.pss360.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { #大活主站 server_name main.test.pss360.cn; client_max_body_size 20m; location / { proxy_pass http://172.20.0.7:40014/; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/main.test.pss360.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/main.test.pss360.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { # 测试环境-物可视 server_name visiblebi.test.bcxin.com.cn; client_max_body_size 20m; location / { proxy_pass http://172.20.0.7:40006/; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/visiblebi.test.bcxin.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/visiblebi.test.bcxin.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { #基础服务 server_name attends.test.baibaodun.cn; client_max_body_size 10M; location / { proxy_pass http://172.20.0.7:7080; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/attends.test.baibaodun.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/attends.test.baibaodun.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # 基础服务前端 server { server_name attendsweb.test.baibaodun.cn; client_max_body_size 10M; location / { root /data/workspace/attendsweb.test.baibaodun.cn/dist; try_files $uri $uri/ index.html; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/attendsweb.test.baibaodun.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/attendsweb.test.baibaodun.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { server_name jumpserver.ws.baibaodun.com.cn; location / { proxy_pass http://172.20.0.73:80; } client_max_body_size 2048M; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/jumpserver.ws.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/jumpserver.ws.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { # 预览服务 server_name preview.test.bcxin.com.cn; location / { proxy_pass http://172.20.0.7:8912/; proxy_connect_timeout 300s; root html; index index.html index.htm; client_max_body_size 100m; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/preview.test.bcxin.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/preview.test.bcxin.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { #伏羲踏勘 listen 80; server_name rty.te.baibaodun.com.cn; root /data/workspace/bcx-rtypgcwihbxy/dist; try_files $uri $uri/ /index.html; # location / { # proxy_pass http://172.20.0.248:8080/; # proxy_connect_timeout 300s; # client_max_body_size 100m; # } } server { #从旧sass迁移考勤,驻勤,薪酬嵌套到v5 listen 80; listen 443 ssl; server_name sassV5.te.baibaodun.com.cn; root /data/workspace/sassV5.te.baibaodun.com.cn; location / { try_files $uri $uri/ /index.html; } client_max_body_size 10m; ssl_certificate /etc/letsencrypt/live/sassv5.te.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/sassv5.te.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { server_name personnel-oa.te.baibaodun.com.cn; location / { proxy_pass http://172.20.0.7:16001; } proxy_buffer_size 1024k; proxy_buffers 16 1024k; proxy_busy_buffers_size 2048k; proxy_temp_file_write_size 2048k; large_client_header_buffers 4 16k; client_body_buffer_size 158k; client_header_timeout 150; proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 10m; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/personnel-oa.te.baibaodun.com.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/personnel-oa.te.baibaodun.com.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { # 认证服务 server_name v5auth.test.bcxin.com.cn; client_max_body_size 10M; location / { proxy_pass http://172.20.0.7:8800; } proxy_set_header Host $host; proxy_set_header X-real-ip $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } #jvs文档 server { server_name wendang.test.baibaodun.cn *.wendang.test.baibaodun.cn; client_max_body_size 20m; location ^~ / { proxy_pass http://172.20.0.2:8081; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header X-Client-IP $remote_addr; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 60; proxy_read_timeout 600; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/wendang.test.baibaodun.cn-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/wendang.test.baibaodun.cn-0001/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } #jvs管理端 server { server_name guanli.test.baibaodun.cn *.guanli.test.baibaodun.cn; client_max_body_size 20m; location ^~ / { proxy_pass http://172.20.0.2:8088; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header X-Client-IP $remote_addr; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 60; proxy_read_timeout 600; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/guanli.test.baibaodun.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/guanli.test.baibaodun.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } #jvsfile server { listen 80; server_name file.test.baibaodun.cn; location /504.jpg { root /usr/share/nginx/html; } location ^~ / { proxy_pass http://172.20.0.2:20812; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REMOTE-HOST $remote_addr; add_header X-Cache $upstream_cache_status; } proxy_intercept_errors on; #定义错误页面码,如果出现相应的错误页面码,转发到那里。 error_page 504 /504.html; #承接上面的location。 location = /504.html { #放错误页面的目录路径。 root /usr/share/nginx/html; } } #jvs-jvsoss server { server_name jvsoss.test.baibaodun.cn; client_max_body_size 20m; location ^~ / { proxy_pass http://172.20.0.2:9000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REMOTE-HOST $remote_addr; add_header X-Cache $upstream_cache_status; } listen 80; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/jvsoss.test.baibaodun.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/jvsoss.test.baibaodun.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } #jvs-office server { listen 80; server_name office.test.baibaodun.cn; location ^~ / { proxy_pass http://172.20.0.2:32467; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REMOTE-HOST $remote_addr; add_header X-Cache $upstream_cache_status; } } #陀螺匠 server { server_name tuoluojiang.test.baibaodun.cn; client_max_body_size 20m; location ^~ / { proxy_pass http://172.20.0.85:20300; proxy_set_header Host $host; proxy_http_version 1.1; proxy_set_header X-Client-IP $remote_addr; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_connect_timeout 60; proxy_read_timeout 600; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/tuoluojiang.test.baibaodun.cn/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/tuoluojiang.test.baibaodun.cn/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = jumpserver.ws.baibaodun.com.cn) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name jumpserver.ws.baibaodun.com.cn; return 404; # managed by Certbot } server { if ($host = sync.baibaodun.cn) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name sync.baibaodun.cn; return 404; # managed by Certbot } server { if ($host = personnel-oa.te.baibaodun.com.cn) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name personnel-oa.te.baibaodun.com.cn; return 404; # managed by Certbot } server { if ($host = attends.test.baibaodun.cn) { return 301 https://$host$request_uri; } # managed by Certbot server_name attends.test.baibaodun.cn; listen 80; return 404; # managed by Certbot } server { if ($host = attendsweb.test.baibaodun.cn) { return 301 https://$host$request_uri; } # managed by Certbot server_name attendsweb.test.baibaodun.cn; listen 80; return 404; # managed by Certbot } server { if ($host = blbzj.test.bcxin.com.cn) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name blbzj.test.bcxin.com.cn; return 404; # managed by Certbot } #server { # if ($host = identify.te.baibaodun.com.cn) { # return 301 https://$host$request_uri; # } # managed by Certbot # # # server_name identify.te.baibaodun.com.cn; # listen 80; # return 404; # managed by Certbot #} server { if ($host = testim.baibaodun.com.cn) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name testim.baibaodun.com.cn; return 404; # managed by Certbot } server { if ($host = wendang.test.baibaodun.cn) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name wendang.test.baibaodun.cn; return 404; # managed by Certbot } #server { # if ($host = jvsoss.test.baibaodun.cn) { # return 301 https://$host$request_uri; # } # managed by Certbot # # # listen 80; # server_name jvsoss.test.baibaodun.cn; # return 404; # managed by Certbot # # #} server { if ($host = guanli.test.baibaodun.cn) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name guanli.test.baibaodun.cn; return 404; # managed by Certbot } server { if ($host = tuoluojiang.test.baibaodun.cn) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name tuoluojiang.test.baibaodun.cn; return 404; # managed by Certbot }}