centos7.7环境下将tengine升级为最新的tengine2.3.2版本

1.升级openssl的版本为openssl-1.1.0l

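# Build OpenSSL 1.1.0l from source and install it under /usr/local/lab.
# NOTE(review): this tarball is served from the source/old/ archive; the 1.1.0
# branch no longer receives security fixes, and TLS 1.3 needs 1.1.1 or later.
cd /usr/local/src
wget https://www.openssl.org/source/old/1.1.0/openssl-1.1.0l.tar.gz
# Check the download before unpacking: compare this digest with the value
# published by the OpenSSL project for this release.
sha256sum openssl-1.1.0l.tar.gz
tar xf openssl-1.1.0l.tar.gz
# ./config lives inside the unpacked source tree, so enter it first.
cd openssl-1.1.0l
mkdir -p /usr/local/lab/openssl-1.1.0l
./config --prefix=/usr/local/lab/openssl-1.1.0l
make && make install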


2.下载tengine2.3.2
# wget http://tengine.taobao.org/download/tengine-2.3.2.tar.gz

./configure --prefix=/usr/local/tengine-2.3.2 --with-ld-opt=-Wl,-rpath, --user=daemon --group=daemon --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_sub_module --with-http_stub_status_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gzip_static_module --with-http_geoip_module --with-http_secure_link_module --with-http_degradation_module --with-mail_ssl_module --with-pcre=/usr/local/lab/pcre-8.34 --with-zlib=/usr/local/lab/zlib-1.2.11 --add-module=/usr/local/lab/ngx_cache_purge-2.3 --with-jemalloc --with-http_lua_module --with-luajit-lib=/usr/local/lib/ --with-luajit-inc=/usr/local/include/luajit2.1/ --with-lua-inc=/usr/local/include/luajit2.1/ --with-lua-lib=/usr/local/lib/ --with-openssl=/usr/local/lab/openssl-1.1.0l --add-module=/usr/local/ngx_http_geoip2_module-3.2  --with-stream --add-module=/usr/local/lab/nginx_upstream_check_module-master

# 报错

cd /usr/local/lab/openssl-1.1.0l \
&& if [ -f Makefile ]; then make clean; fi \
&& ./config --prefix=/usr/local/lab/openssl-1.1.0l/.openssl no-shared no-threads  \
&& make \
&& make install_sw LIBDIR=lib
/bin/sh: line 2: ./config: No such file or directory
make[1]: *** [/usr/local/lab/openssl-1.1.0l/.openssl/include/openssl/ssl.h] Error 127
make[1]: Leaving directory `/usr/local/src/tengine-2.3.2'
make: *** [build] Error 2


解决方案:
打开nginx源文件下的/usr/local/src/tengine-2.3.2/auto/lib/openssl/conf文件:
找到这么一段代码:
CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"


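修改成以下代码,即去掉 /.openssl 即可。原因:--with-openssl 本来要求指向 OpenSSL 的源码目录,configure 会进入该目录执行 ./config 并把结果安装到其中的 .openssl 子目录;这里指向的是已经安装好的前缀目录,所以报 ./config 不存在。去掉 /.openssl 之后,tengine 直接使用该前缀下已编译好的 include 和 lib/libssl.a、lib/libcrypto.a。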

CORE_INCS="$CORE_INCS $OPENSSL/include"
CORE_DEPS="$CORE_DEPS $OPENSSL/include/openssl/ssl.h"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/lib/libcrypto.a"


# 报错:模块不存在
[root@ws_compile-release:/usr/local/src/tengine-2.3.2]# ./configure --prefix=/usr/local/tengine-2.3.2 --with-ld-opt=-Wl,-rpath, --user=daemon --group=daemon --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_sub_module --with-http_stub_status_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gzip_static_module --with-http_geoip_module --with-http_secure_link_module --with-http_degradation_module --with-mail_ssl_module --with-pcre=/usr/local/lab/pcre-8.34 --with-zlib=/usr/local/lab/zlib-1.2.11 --add-module=/usr/local/lab/ngx_cache_purge-2.3 --with-jemalloc --with-http_upstream_check_module --with-http_lua_module --with-luajit-lib=/usr/local/lib/ --with-luajit-inc=/usr/local/include/luajit-2.0/ --with-lua-inc=/usr/local/include/luajit-2.0/ --with-lua-lib=/usr/local/lib/ --with-openssl=/usr/local/lab/openssl-1.1.0l --add-module=/usr/local/ngx_http_geoip2_module-3.2

./configure: error: invalid option "--with-http_upstream_check_module"


# --with-http_upstream_check_module 这个模块非常重要是检查连接池的组件,直接下载模块,添加编译参数  --with-stream --add-module=/usr/local/lab/nginx_upstream_check_module-master 即可
--with-openssl=/usr/local/lab/openssl-1.1.0l --add-module=/usr/local/ngx_http_geoip2_module-3.2


# 去掉如下两个模块的 编译
--with-http_concat_module

--with-http_sysguard_module


[root@ws_compile-release:/usr/local/tengine-2.3.2]# sbin/nginx
nginx: [alert] detected a LuaJIT version which is not OpenResty's; many optimizations will be disabled and performance will be compromised (see https://github.com/openresty/luajit2 for OpenResty's LuaJIT or, even better, consider using the OpenResty releases from https://openresty.org/en/download.html)

解决:将luajit升级为2.1

https://github.com/openresty/luajit2/archive/v2.1-20200102.tar.gz
tar xf v2.1-20200102.tar.gz
cd luajit2-2.1-20200102
make install PREFIX=/usr/local/include/luajit2.1



修改源文件tengine-2.3.2/src/http/ngx_http_parse.c
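# 找到ngx_http_parse_unsafe_uri 函数,在函数体第一行直接返回 NGX_OK
# 注意:这样改会跳过该函数的全部检查。从下面的函数体可以看到,它原本会拒绝空 URI、以 ? 开头的 URI、以 .. 开头的路径,并负责把 ? 之后的参数拆到 args 里;提前返回后这些逻辑都不再执行。
# 该函数并不是 SSI 专用的:nginx 中其他把 URI 当作内部跳转目标的代码(例如 X-Accel-Redirect、dav 的 Destination、lua 子请求)也依赖它来拦截 ../ 形式的路径,而本次编译同时启用了 dav 和 lua 模块,所以这个补丁影响的是整个服务,而不只是 include。
# 更稳妥的做法是先排查 include virtual 的路径为什么被判定为 unsafe 并修正路径,保留原函数不动;如果确实要改源码,应只放宽需要的那一个判断,而不是整体返回 NGX_OK。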

ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
    ngx_str_t *args, ngx_uint_t *flags)
{
    return NGX_OK;            # 新增return NGX_OK;
    u_char      ch, *p, *src, *dst;
    size_t      len;
    ngx_uint_t  quoted;

    len = uri->len;
    p = uri->data;
    quoted = 0;

    if (len == 0 || p[0] == '?') {
        goto unsafe;
    }

    if (p[0] == '.' && len > 1 && p[1] == '.'
        && (len == 2 || ngx_path_separator(p[2])))
    {
        goto unsafe;
    }

    for ( /* void */ ; len; len--) {

        ch = *p++;

        if (ch == '%') {
            quoted = 1;
            continue;
        }

        if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
            continue;
        }

        if (ch == '?') {
            args->len = len - 1;
            args->data = p;
            uri->len -= len;

            break;
        }
<!doctype html>
<html lang="en">


# 解决类似这样的页面无法正常解析
    <!--#include virtual="library/header-track-1811.html"-->


# 最终的编译参数
./configure --prefix=/usr/local/tengine-2.3.2 --with-ld-opt="-Wl,-rpath,/usr/local/include/luajit2.1/lib" --user=daemon --group=daemon --with-http_ssl_module --with-http_v2_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_sub_module --with-http_stub_status_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gzip_static_module --with-http_geoip_module --with-http_secure_link_module --with-http_degradation_module --with-mail_ssl_module --with-pcre=/usr/local/lab/pcre-8.34 --with-zlib=/usr/local/lab/zlib-1.2.11 --add-module=/usr/local/lab/ngx_cache_purge-2.3 --with-jemalloc --with-http_lua_module --with-luajit-lib=/usr/local/include/luajit2.1/lib --with-luajit-inc=/usr/local/include/luajit2.1/include/luajit-2.1/ --with-lua-inc=/usr/local/include/luajit2.1/include/luajit-2.1/ --with-lua-lib=/usr/local/include/luajit2.1/lib --with-openssl=/usr/local/lab/openssl-1.1.0l --add-module=/usr/local/ngx_http_geoip2_module-3.2 --with-stream --add-module=/usr/local/lab/nginx_upstream_check_module-master


# make && make install

 

 

 

1.验证自动检测stream自动切换的功能

在后端服务器中添加代码

# 192.168.254.122
cat /data/www/vhosts/film.chinasoft.com/httpdocs/inf.php
<?php
echo 'web01';
?>

# 192.168.254.123
cat /data/www/vhosts/film.chinasoft.com/httpdocs/inf.php
<?php
echo 'web02';
?>

# 访问inf.php文件,会显示不同的内容,当注释掉  server 192.168.254.122:8080 max_fails=0 fail_timeout=30s weight=1; 部分时,只能返回web02
curl http://film.chinasoft.com/inf.php

主配置文件
# /usr/local/tengine-2.3.2/conf/nginx.conf
worker_processes  8;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;
pid        /data/www/logs/nginx.pid;

worker_rlimit_nofile  65535;

events {
        use epoll;    
        worker_connections  10240;
        accept_mutex    off;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    proxy_headers_hash_max_size 51200;
    proxy_headers_hash_bucket_size      6400;

    ssl_session_cache    shared:SSL:200m;
    ssl_session_timeout  15m;

    geoip2 conf/GeoIP2/GeoIP2-Country.mmdb {
        auto_reload 5m;
        $geoip2_metadata_country_build metadata build_epoch;
        $geoip2_data_country_code source=$remote_addr country iso_code;
        $geoip2_data_country_name country names en;
    }
 
    geoip2 conf/GeoIP2/GeoIP2-City.mmdb {
        $geoip2_data_city_name  city names en;
    }
    fastcgi_param COUNTRY_CODE $geoip2_data_country_code;
    fastcgi_param COUNTRY_NAME $geoip2_data_country_name;
    fastcgi_param CITY_NAME    $geoip2_data_city_name;

    lua_package_path "/usr/local/nginx/conf/ngx_lua_waf/?.lua";
    lua_shared_dict limit 10m;
    init_by_lua_file  /usr/local/nginx/conf/ngx_lua_waf/init.lua;
    access_by_lua_file /usr/local/nginx/conf/ngx_lua_waf/waf.lua;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    #log_format main '[$time_local] $remote_addr $status $request_time $body_bytes_sent "$request" "$http_referer" $upstream_addr $http_x_real_ip $http_x_forwarded_for $http_user_agent  $request_filename';
     # NOTE(review): the active "main" format writes "$http_cookie" and
     # "$request_body" into the access log, so session cookies and submitted
     # form data (passwords, tokens) are stored on disk in clear text. Drop
     # both fields, or protect and rotate these logs as strictly as the
     # credentials they contain. "$http_user_agent" is also logged twice.
     log_format main  '$remote_addr - - [$time_local] - - "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_cookie" "$request_body" "$http_user_agent" $request_time ';
    #log_format test '[$fastcgi_script_name] [$time_local] $remote_addr $status $request_time $body_bytes_sent "$request" "$http_referer" $upstream_addr $http_x_real_ip $http_x_forwarded_for $http_user_agent ';
     # Same layout as "main" without the cookie and request-body fields.
     log_format error  '$remote_addr - - [$time_local] - - "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time ';
    #access_log  logs/access.log  main;

    sendfile        on;
    tcp_nodelay    on;

    keepalive_timeout  90;
    #----for upload file
    client_max_body_size    8M;
    client_body_buffer_size 2M;
    #--- for resolve 400 error
    client_header_buffer_size 64k;
    large_client_header_buffers 4 64k;
    proxy_connect_timeout 90s;
    proxy_read_timeout 90s;
    #60s内后端服务器需要返回成功
    proxy_send_timeout 90s;
    proxy_buffer_size 16k;
    proxy_buffers 4 32k;
    proxy_busy_buffers_size 64k;
    proxy_temp_file_write_size 64k;
    proxy_ignore_client_abort on;    
    proxy_intercept_errors on;
    gzip  on;
    gzip_vary off;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.0;
    gzip_comp_level  5;
    gzip_disable     "MSIE [1-6]\.";
    gzip_types text/plain text/css text/javascript application/javascript application/x-javascript text/xml application/xml application/wasm;

    ssi on;
    ssi_silent_errors on;
    #ssi_types text/shtml;
    expires 60d;
    server_names_hash_bucket_size 20480;
    #if_modified_since before;
    #limit_req_zone $binary_remote_addr zone=all_zone:10m rate=3r/s;
    #limit_req zone=all_zone burst=2 nodelay;

    upstream php_pool{
        #ip_hash;
        server 192.168.254.122:8080 max_fails=0 fail_timeout=30s weight=1;
        #server 192.168.254.123:8080 max_fails=0 fail_timeout=30s weight=1;
        
        check interval=3000 rise=2 fall=5 timeout=1000 type=tcp port=8080;
        check_keepalive_requests 100;
       # check_http_send "HEAD / HTTP/1.1\r\nConnection: keep-alive\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;
    }


   upstream www_servers{
        ip_hash;
        server 192.168.254.1:80 max_fails=0 fail_timeout=30s weight=1;
        server 192.168.254.2:80 max_fails=0 fail_timeout=30s weight=1;

        check interval=3000 rise=2 fall=5 timeout=1000 type=tcp port=80;
        check_keepalive_requests 100;
        check_http_expect_alive http_2xx http_3xx;
    }

        include vhost.d/*.conf;
        include admin_vhost.d/*.conf;

        # Catch-all server on port 80: default_server makes it answer requests
        # whose Host header matches none of the included vhosts.
        server {
        listen       80  default_server;
        server_name  localhost;

        location / {
            root   /data/www/html;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # NOTE(review): stub_status has no allow/deny rule here, so the
        # connection counters are readable by any client that can reach
        # port 80. If only local monitoring needs them, restrict the location
        # (for example "allow 127.0.0.1; deny all;").
        location /ws_status {
                stub_status on;
                access_log off;
        }

        # Passes /status and /ping to the FastCGI socket (presumably the
        # PHP-FPM status and ping pages; confirm against the pool config).
        # NOTE(review): there is no access restriction on this location either.
        # Regex locations take precedence over plain prefix locations, so an
        # exact /status request is handled here and not by the
        # "location /status" block below.
        location ~ ^/(status|ping)$ {
        include fastcgi_params;
        fastcgi_pass unix:/tmp/php-cgi.sock;
        fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
        }

        # Health-check status page of the upstream check module, rendered as
        # HTML. "deny all" rejects every client, so as written the page is
        # never served; add an "allow" for the monitoring hosts before
        # "deny all" if it is meant to be viewed.
        location /status {
            check_status html;
            access_log   off;
            deny all;
        }

    }
}


# 虚拟主机Hosts

# vhosts.d/film.chinasoft.com
upstream film.server {
    ip_hash;
    server 1.1.1.1:443;
}

upstream video_tools.server {
    # 如果不是局域网开启下面那个外网IP
    server 1.1.1.5;
}

server {
        listen 80;
        server_name     film.chinasoft.com ori-film.chinasoft.com ;
        access_log off;
        access_log      /data/www/logs/nginx_log/access/film.chinasoft.com_access.log main ;
        error_log       /data/www/logs/nginx_log/error/film.chinasoft.com_error.log ;
        root            /data/www/vhosts/film.chinasoft.com/httpdocs ;
        index           index.html index.shtml index.php ;
        include                rewrite.d/film.chinasoft.com.conf ;
        location /fr {
                error_page 404 403 /fr/404.html;
        }
        location /es {
                error_page 404 403 /es/404.html;
        }
        location /it {
                error_page 404 403 /it/404.html;
        }
        location /de {
                error_page 404 403 /de/404.html;
        }
        location /pt-br {
                error_page 404 403 /pt-br/404.html;
        }
        error_page  404 403            /404.html;


#        rewrite ^/(.*)$ https://film.chinasoft.com/$1 permanent;    #跳转到Https

        location ~ \.php$ {
                        proxy_pass http://php_pool;
                        include proxy_params;
                        expires -1;
        }

        location  /campaign/ {
                        alias /data/www/vhosts/film.chinasoft.com/campaign/ ;
                        proxy_pass http://php_pool;
                        expires -1;
                        include proxy_params;
        }


        location  /servers/ {
                        alias /data/www/vhosts/www_servers/;
                        proxy_pass http://php_pool;
                        expires -1;
                        include proxy_params;
        }

        location /effects-store/internal/ {
            proxy_pass https://film.server;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }


location /meme-maker/ {
                proxy_pass http://video_tools.server;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
        location  /video-trimmer/ {
                proxy_pass http://video_tools.server;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }


        location / {
                include proxy_params;
                if (!-d $request_filename){
                        set $flag 1$flag;
                }
                if (!-f $request_filename){
                        set $flag 2$flag;
                }
                if ($flag = "21"){
                        proxy_pass http://php_pool;
                        expires -1;
                }

        }

}

server {
        listen 443 ssl;

        ssl_certificate         cert2016/chinasoft_com.crt;
        ssl_certificate_key     cert2016/chinasoft_com.key;
        ssl_dhparam     cert2016/dh_2048.pem;

        ssl_session_timeout     30m;
        ssl_protocols   TLSv1 TLSv1.1 TLSv1.2;


        ssl_ciphers     "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AE
S256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3
-SHA:!KRB5-DES-CBC3-SHA";


        ssl_prefer_server_ciphers       on;

        #ssl_stapling        on;
        #ssl_stapling_verify        on;
        add_header 'Access-Control-Allow-Origin' '*';

        server_name     film.chinasoft.com ori-film.chinasoft.com;
        access_log      /data/www/logs/nginx_log/access/film.chinasoft.com_access.log main ;
        error_log       /data/www/logs/nginx_log/error/film.chinasoft.com_error.log ;

        root            /data/www/vhosts/film.chinasoft.com/httpdocs ;
        index           index.html index.shtml index.php ;
        include         rewrite.d/film.chinasoft.com.conf ;
        location /fr {
                error_page 404 403 /fr/404.html;
        }
        location /es {
                error_page 404 403 /es/404.html;
        }
        location /it {
                error_page 404 403 /it/404.html;
        }
        location /de {
                error_page 404 403 /de/404.html;
        }
        location /pt-br {
                error_page 404 403 /pt-br/404.html;
        }
        error_page  404 403             /404.html;

        if ($http_user_agent ~ Ezooms) {
        return 403;
        }


        location  /servers/ {
                        alias /data/www/vhosts/www_servers/;
                        proxy_pass http://php_pool;
                        expires -1;
                        include proxy_params;
        }

        location  /campaign/ {
                        alias /data/www/vhosts/film.chinasoft.com/campaign/ ;
                        #proxy_pass http://php_pool_campaign;
                        proxy_pass http://php_pool;
                        expires -1;
                        include proxy_params;
        }

        location /effects-store/internal/ {
            proxy_pass https://film.server;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        location /meme-maker/ {
                proxy_pass http://video_tools.server;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
        location  /video-trimmer/ {
                proxy_pass http://video_tools.server;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        location ~ \.php$ {
                        proxy_pass http://php_pool;
                        expires -1;
                        include proxy_params;
        }

        location / {
                include proxy_params;
                if (!-d $request_filename){
                        set $flag 1$flag;
                }
                if (!-f $request_filename){
                        set $flag 2$flag;
                }
                if ($flag = "21"){
                        proxy_pass http://php_pool;
                        expires -1;
                }

        }

}


[root@ws_compile-release:/usr/local/nginx/conf/vhost.d]# cat checkeu.lua
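-- checkeu.lua: tell the caller whether the client's GeoIP2 country code is in
-- the country list below. The response is a small JSON body:
--   {"c_type":1,"country_code":"XX"}   the code is in the list
--   {"c_type":0,"country_code":"XX"}   otherwise (XX is empty if none resolved)
--
-- Everything is declared local: in ngx_lua, globals written from a request
-- handler can be shared between concurrent requests. The original also
-- defaulted a global `usercity` that nothing in this script reads; it is
-- omitted here.
local ngxmatch = ngx.re.match

-- ngx.var yields nil when the geoip2 variable is unset; fall back to ''.
local usercountry = ngx.var.geoip2_data_country_code or ''

-- Anchored so that only a complete code matches, never a substring of a
-- longer value. Flags "isjo" are unchanged (case-insensitive, cached, JIT).
local eopcountry = "^(?:AT|BE|BG|CY|HR|CZ|DK|EE|FI|FR|DE|GR|HU|IE|IT|LV|LT|LU|MT|NL|PL|PT|RO|SK|SI|ES|SE|GB)$"

if ngxmatch(usercountry, eopcountry, "isjo") then
   ngx.say("{\"c_type\":1,\"country_code\":\""..usercountry.."\"}")
else
   ngx.say("{\"c_type\":0,\"country_code\":\""..usercountry.."\"}")
end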


nginx的vhosts配置参考

# cat /usr/local//nginx/conf//vhost.d/common-info.chinasoft.com.conf 
# Plain-HTTP vhost for common-info.chinasoft.com; it exposes the checkeu
# endpoint implemented in checkeu.lua.
server {
        listen 80;
        server_name     common-info.chinasoft.com  ;
        #access_log      /data/www/logs/nginx_log/access/common-info.chinasoft.com_access.log main ;
        #error_log       /data/www/logs/nginx_log/error/common-info.chinasoft.com_error.log ;
        root            /data/www/vhosts/common-info.chinasoft.com/httpdocs ;
        index           index.html index.shtml index.php ;
    error_page  404 403             /404.html;

        location /api/v1/checkeu {
        # NOTE(review): "Access-Control-Allow-Origin: *" combined with
        # "Access-Control-Allow-Credentials: true" does not work for
        # credentialed requests: browsers refuse the response when the origin
        # is a wildcard. If cookies are really needed cross-origin, answer with
        # an origin taken from an explicit allow-list rather than echoing the
        # request's Origin header; otherwise drop the credentials header.
        # The same four headers repeat in the 443 server's checkeu locations.
        add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        default_type 'text/plain';

        # The response body is produced by the Lua script, not by a file
        # under root.
        content_by_lua_file '/usr/local/nginx/conf/vhost.d/checkeu.lua';

        }

}
server {
        listen 443;
        ssl on;
        ssl_certificate         /usr/local/nginx/conf/cert2016/chinasoft_com.crt;  
        ssl_certificate_key     /usr/local/nginx/conf/cert2016/chinasoft_com.key;
        ssl_session_timeout     5m;
        ssl_protocols   TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers     "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES128-SHA256:!AES256-SHA256:!AES128-SHA:!AES256-SHA:AES:!CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
        ssl_prefer_server_ciphers       on;
        server_name     common-info.chinasoft.com ;
    
        access_log      /data/www/logs/nginx_log/access/common-info.chinasoft.com_access.log main ;
        #error_log       /data/www/logs/nginx_log/error/common-info.chinasoft.com_error.log ;
        root            /data/www/vhosts/common-info.chinasoft.com/httpdocs ;
        index           index.html index.shtml index.php ;
        error_page  404 403             /404.html;

        location /api/v1/checkeu {
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        default_type 'text/plain';

        content_by_lua_file '/usr/local/nginx/conf/vhost.d/checkeu.lua';

        }

        location /api/v2/checkeu {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        default_type 'text/plain';

        content_by_lua_file '/usr/local/nginx/conf/vhost.d/checkeu_bak.lua';


        }
}

 # 跳转www域名

if ($host ~* ^chinasoft.cn$){ rewrite ^(.*)$ https://www.chinasoft.cn$1 permanent;}
if ($request_uri ~ ^/(.*)/(index|indice).(html)) { rewrite ^/(.*)/(index|indice).(html) /$1   permanent;}
if ($request_uri ~ ^/(index|indice).html) { rewrite    ^       / permanent;}

# 强制跳转https
rewrite ^/(.*)$ https://www.chinasoft.cn/$1 permanent;    #跳转到Https