nginx基于SSL方式代理jenkins和kibana

server {
  server_name  hanye-jenkins.hanye.net;
  access_log  /data/wwwlogs/jenkins-web.access.log  ;
  error_log  /data/wwwlogs/jenkins-web.error.log;
  listen 443 ssl;

    ssl_certificate   /usr/local/nginx/conf/ssl/hanye.net.pem;
    ssl_certificate_key  /usr/local/nginx/conf/ssl/hanye.net.key;
    ssl_session_timeout 10m;
    ssl_buffer_size     64k;
    ssl_session_cache       shared:SSL:10m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
    ssl_prefer_server_ciphers on;

  location / {
      proxy_pass http://127.0.0.1:8080;
      proxy_redirect     default;
      #proxy_http_version 1.1;

      proxy_set_header   Host              $host;
      proxy_set_header   X-Real-IP         $remote_addr;
      proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header   X-Forwarded-Proto $scheme;
      proxy_max_temp_file_size 0;

      #this is the maximum upload size
      client_max_body_size       10m;
      client_body_buffer_size    128k;

      proxy_connect_timeout      120;
      proxy_send_timeout         120;
      proxy_read_timeout         120;
      proxy_buffering            off;
      proxy_request_buffering    off; # Required for HTTP CLI commands in Jenkins > 2.54
      proxy_set_header Connection ""; # Clear for keepalive
   }
   location  /oss {
      expires 3d;
      rewrite /(.+)$ /$1 break;
      proxy_pass https://fangx.oss-cn-shenzhen.aliyuncs.com/fangx/source/ZPMOQ2xjSwmBvNB1scM7JYwAgqCJvueKYlWbjlsu.png;
   }
}
server {
    server_name  hanye-es.hanye.net;
    access_log  /data/wwwlogs/es-web.access.log  ;
    error_log  /data/wwwlogs/es-web.error.log;
    listen 443 ssl;
    auth_basic "Nginx";  
    auth_basic_user_file /usr/local/nginx/conf/passwd;
    autoindex on;
    ssl_certificate   /usr/local/nginx/conf/ssl/hanye.net.pem;
    ssl_certificate_key  /usr/local/nginx/conf/ssl/hanye.net.key;
    ssl_session_timeout 10m;
    ssl_buffer_size     64k;
    ssl_session_cache       shared:SSL:10m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
    ssl_prefer_server_ciphers on;

  location / {
      proxy_pass http://10.0.109.17:5601;
      proxy_redirect     off;
      proxy_http_version 1.1;

      proxy_set_header   Host              $host;
      proxy_set_header   X-Real-IP         $remote_addr;
      proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header   X-Forwarded-Proto $scheme;
      proxy_max_temp_file_size 0;

      #this is the maximum upload size
      client_max_body_size       10m;
      client_body_buffer_size    128k;

      proxy_connect_timeout      120;
      proxy_send_timeout         120;
      proxy_read_timeout         120;
      proxy_buffering            off;
      proxy_request_buffering    off; # Required for HTTP CLI commands in Jenkins > 2.54
      proxy_set_header Connection ""; # Clear for keepalive
 }
}

网站栏目:nginx基于SSL方式代理jenkins和kibana
文章起源:http://hbruida.cn/article/gihesg.html