写在最前头:使用代理,如果可以,请尽量支持双协议,http、https均要支持哈;
注意:监控系统只是运行代码,是否支持https,需要运维同学在你们的服务器上配置https证书,配置好证书,就可以支持https了。(只有域名才可以支持https)
常见问题:很多同学配置好了https证书,但是上报接口用的还是http。webfunny的探针是根据监控项目的网址来判断的,你的项目地址用的是https,上报接口也会切换到https
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
#用80端口代理8011,8010两个端口号,可支持http(
server {
listen 80;
server_name www.xxx.com;
#### 应用中心be反向代理
location /wfManage/ {
proxy_pass http://127.0.0.1:8011/wfManage/;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#### 应用中心fe反向代理
location /webfunny_center/ {
proxy_pass http://127.0.0.1:8010/webfunny_center/;
proxy_redirect default ;
}
#### 监控系统be反向代理
location /server/ {
proxy_pass http://127.0.0.1:8011/server/;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#### 监控系统fe反向代理
location /webfunny/ {
proxy_pass http://127.0.0.1:8010/webfunny/;
proxy_redirect default ;
}
#### 埋点系统be反向代理
location /tracker/ {
proxy_pass http://127.0.0.1:8011/tracker/;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#### 埋点系统fe反向代理
location /webfunny_event/ {
proxy_pass http://127.0.0.1:8010/webfunny_event/;
proxy_redirect default ;
}
}
#用443端口代理8011,8010两个端口号,可支持https
server {
listen 443 ssl;
server_name www.xxx.com; #网站域名,和80端口保持一致
root /home/jiang/webWorks;
index /index.html;
# ssl on;
ssl_certificate /etc/nginx/cert/3120409_www.xxx.com.pem; #证书公钥
ssl_certificate_key /etc/nginx/cert/3120409_www.xxx.com.key; #证书私钥
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!3DES:!aNULL:!eNULL;
ssl_prefer_server_ciphers on;
#### 应用中心be反向代理
location /wfManage/ {
proxy_pass http://127.0.0.1:8011/wfManage/;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#### 应用中心fe反向代理
location /webfunny_center/ {
proxy_pass http://127.0.0.1:8010/webfunny_center/;
proxy_redirect default ;
}
#### 监控系统be反向代理
location /server/ {
proxy_pass http://127.0.0.1:8011/server/;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#### 监控系统fe反向代理
location /webfunny/ {
proxy_pass http://127.0.0.1:8010/webfunny/;
proxy_redirect default ;
}
#### 埋点系统be反向代理
location /tracker/ {
proxy_pass http://127.0.0.1:8011/tracker/;
proxy_connect_timeout 3000;
proxy_send_timeout 3000;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
#### 埋点系统fe反向代理
location /webfunny_event/ {
proxy_pass http://127.0.0.1:8010/webfunny_event/;
proxy_redirect default ;
}
}
}