1、保持1800秒连接不被中断
keepalive_timeout:保持连接活跃时间
proxy_read_timeout:等待后台服务器响应超时时间
server {
listen 18000;
server_name localhost;
keepalive_timeout 1800s;
location /medical_records/ {
proxy_pass http://ip:port/medical_records/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 1800s;
}
}
2、代理+负载均衡:同时满足websocket与https
upstream name_proxy {
server ip:port;
server ip:port;
}
server {
listen 443 ssl;
server_name your_domain;
ssl_certificate x.pem;
ssl_certificate_key x.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols TLSV1 TLSV1.1 TLSV1.2 SSLv2 SSLv3;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
ssl_verify_client off;
# WebSocket 配置
location /path/ { # 代理路径
proxy_pass http://name_proxy/path;
proxy_http_version 1.1; # 确保使用 HTTP/1.1
proxy_set_header Upgrade $http_upgrade; # 设置 Upgrade 头
proxy_set_header Connection "Upgrade"; # 设置 Connection 头
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; # 传递客户端 IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # 传递 XFF 头
}
}
3、跨域配置
#add_header 'Access-Control-Allow-Origin' '';
#add_header 'Access-Control-Allow-Methods' '';
#add_header 'Access-Control-Allow-Headers' '*';
#add_header Cache-Control no-cache;
说明:如果是代理gateway请求,可以不用配置(因为gateway一般会返回可跨域的头)
