Nginx Load Balancing | Reverse Proxy Nginx | SSL Nginx

-
Used The howto of nixcraft.in.conf that can be found on google baby

First File

  GNU nano 2.0.9                                          File: nginx.conf.bak                                                                                         

#pid        /var/run/nginx.pid;
pid               logs/nginx.pid;
user              nginx nginx;
worker_processes  10;

events {
    worker_connections  1024;
}

http {
  default_type       application/octet-stream;

 ## Common options ##
 include options.conf;

 ## Proxy settings ##
 include proxy.conf;

 ## lb domains ##
 include nixcraft.in.conf;
 include loadtest.conf;









Second File  nixcraft.in.conf



## Connect to backend servers via LAN ##
## Reverse Proxy Load Balancer Logic ##
upstream nixcraft  {
      server publicip weight=10 max_fails=3 fail_timeout=30s;
      server publicip weight=10 max_fails=3 fail_timeout=30s;
      server publicip:443 weight=10 max_fails=3 fail_timeout=30s;
      server publicip:443 weight=10 max_fails=3 fail_timeout=30s;
      # only comes alive when above two fails
      server publicip weight=1 backup;
}

server {

      #SSL

     ### SSL log files ###
       # access_log     logs/ssl-access.log;
       # error_log     logs/ssl-error.log;

        ### SSL cert files ###
        ssl_certificate      conf/ssl/nixcraft.in.crt;
        ssl_certificate_key  conf/ssl/nixcraft.in.key;
        ### Add SSL specific settings here ###
        keepalive_timeout    60;

      listen  80;
      listen  443 default ssl;



      access_log  logs/access.log main;
      error_log   logs/error.log;
      index      index.html;
      root        /usr/local/nginx/html;
      server_name test.com www.test.com secure.test.com;

     ## Only requests to our Host are allowed
      if ($host !~ ^(test.com|www.test.com|secure.test.com)$ ) {
         return 444;
      }

     ## redirect www to nowww
     # if ($host = 'www.test.com' ) {
     #    rewrite  ^/(.*)$  http://test.com/$1  permanent;
     # }

     ## Only allow these request methods
     if ($request_method !~ ^(GET|HEAD|POST)$ ) {
         return 444;
     }

   ## PROXY - Web
      location / {
        proxy_pass  http://nixcraft;
        proxy_cache            cache;
        proxy_cache_valid      200 24h;
        proxy_cache_use_stale  error timeout invalid_header updating http_500 http_502 http_503 http_504;
        proxy_ignore_headers   Expires Cache-Control;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP    $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_redirect     off;
      }

     # redirect server error pages to the static page /50x.html
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
}

3rd File Option.conf

# Size Limits
  client_body_buffer_size     128K;
  client_header_buffer_size   1M;
  client_max_body_size          1M;
  large_client_header_buffers 8 8k;

 ## Timeouts
  client_body_timeout   60;
  client_header_timeout 60;
 #expires               24h;
  expires               1m;
   keepalive_timeout     60 60;
  send_timeout          60;

 ## General Options
  ignore_invalid_headers   on;
  keepalive_requests      100;
  limit_zone gulag $binary_remote_addr 5m;
  recursive_error_pages    on;
  sendfile                 on;
  server_name_in_redirect off;
  server_tokens           off;

 ## TCP options
  tcp_nodelay on;
  tcp_nopush  on;

 ## Compression
  gzip              on;
  gzip_buffers      16 8k;
  gzip_comp_level   6;
  gzip_http_version 1.0;
  gzip_min_length   0;
  gzip_types        text/plain text/css image/x-icon application/x-perl application/x-httpd-cgi;

## Log Format
  log_format  main  '$remote_addr $host $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" "$http_user_agent" '
                    '"$gzip_ratio"';


4th File Proxy.conf

## Proxy caching options
  proxy_buffering           on;
  #proxy_buffering           off;
  #proxy_cache_min_uses       3;
  proxy_cache_min_uses       3;
  proxy_cache_path          /usr/local/nginx/proxy_temp/
  #levels=1:2 keys_zone=cache:10m inactive=10m max_size=1000M;
  levels=1:2 keys_zone=cache:1m inactive=1m max_size=100M;
  #proxy_cache_valid         any 10m;
  proxy_cache_valid         any 5m;
  proxy_ignore_client_abort off;
  proxy_intercept_errors    on;
  proxy_next_upstream       error timeout invalid_header;
  proxy_redirect            off;
  proxy_set_header          X-Forwarded-For $remote_addr;
 # proxy_connect_timeout     60;
 # proxy_send_timeout        60;
 # proxy_read_timeout        60;
  proxy_connect_timeout      5;
  proxy_send_timeout         5;
  proxy_read_timeout         5;


5th file

Used a private box and balanced 2 different sites mainly blizzard and steam When going to sony.com or www.sony.com it will redirect either on blizzard or steam redirecting connection depending on server's load


## Connect to backend servers via LAN ##
## Reverse Proxy Load Balancer Logic ##
upstream sony  {
      server 12.129.242.31 weight=10 max_fails=3 fail_timeout=1s;
      server 63.228.223.100 weight=10 max_fails=3 fail_timeout=1s;
      # only comes alive when above two fails
      server publicip weight=1 backup;
}

server {
      access_log  logs/access.log main;
      error_log   logs/error.log;
      index       index.html;
      root        /usr/local/nginx/html;
      server_name sony.com www.sony.com;

     ## Only requests to our Host are allowed
      if ($host !~ ^(sony.com|www.sony.com)$ ) {
         return 444;
      }

     ## redirect www to nowww
     # if ($host = 'www.sony.com' ) {
     #    rewrite  ^/(.*)$  http://sony.com/$1  permanent;
     # }

     ## Only allow these request methods
     if ($request_method !~ ^(GET|HEAD|POST)$ ) {
         return 444;
     }

     ## PROXY - Web
      location / {
        proxy_pass  http://sony;
        proxy_cache            cache;
        proxy_cache_valid      200 24h;
        proxy_cache_use_stale  error timeout invalid_header updating http_500 http_502 http_503 http_504;
        proxy_ignore_headers   Expires Cache-Control;

        proxy_set_header        Host            $host;
        proxy_set_header        X-Real-IP       $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
      }

     # redirect server error pages to the static page /50x.html
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
}

Comments

Post a Comment

Popular posts from this blog

Water Wonder Resort

-
Image
Water Wonder Resort Location: Inarawan Antipolo City To go here from Cubao Gateway Side - Ride Jeep or Fx going to Padilla ask the driver you are going to Water Wonder Resort. From there you can take a tricycle. Best days to go here are not April or May since there are many people going here from Antipolo Area Earn money register free!
Read more

Redirect apache request to another domain

-
if you have example portal.tenerife.com portal.mazaredo.com portal.antolines.com and you want to redirect it to www.mazaredo.com in httpd.conf put this line RewriteEngine on RewriteCond %{HTTP_HOST} !^portal\.!^\.com$ [NC] RewriteRule ^(.*)$ http://www.mazaredo.com/$1 [R=301,L] As you can see the the url has 3 parts    portal, domain, com  !^portal\.!^\.com$ first part is !^portal\     you can also remove portal so any .com request going to your site will be redirected. second part is !^\ where it is like * anything. last part is .com$
Read more

Can't use proxy because no authentication schemes are fully configured.

-
So you are having problems on webmin + squid authentication ? My current setup is below. I was eating my finger nails asking why before it was working and now it doesnt. System hostname localhost.localdomain (127.0.0.1) Operating system CentOS Linux 6.3 Webmin version 1.620 Virtualmin version 3.98.gpl GPL Earn  money  register free! [root@122 ~]# service squid start Starting squid:                                            [FAILED] 2013/02/23 00:17:00| Processing Configuration File: /etc/squid/squid.conf (depth 0) 2013/02/23 00:17:00| ERROR: '0.0.0.0/0.0.0.0' needs to be replaced by the term 'all'. 2013/02/23 00:17:00| SECURITY NOTICE: Overriding config setting. Using 'all' instead. 2013/02/23 00:17:00| WARNING: (B) '::/0' is a subnetwork ...
Read more