Nginx等相关

安装配置

安装配置等请点击

Log_format 配置项

log_format 日志格式配置示例

# 配置示例
 log_format  main  '[$remote_addr],[$remote_user],[$time_local],[$request],[$http_host],[$status],[$upstream_status],[$body_bytes_sent],[$http_referer],[$http_user_agent],[$ssl_protocol],[$ssl_cipher],[$upstream_addr],[$request_time],[$upstream_response_time],[$http_x_forwarded_for]';

# 记录的日志格式
[47.103.128.46],[-],[18/Aug/2020:16:52:31 +0800],[GET /r/cms/www/red/img/prompt.jpg HTTP/1.1],[dev-test.shuxiaoyuan.com],[404],[404],[612],[-],[Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36],[TLSv1.2],[ECDHE-RSA-AES256-GCM-SHA384],[127.0.0.1:9000],[0.092],[0.091],[-]

log_format 配置项详解

参数 说明 示例
$remote_addr 客户端地址 211.28.65.253
$remote_user 客户端用户名称 - -
$time_local 访问时间和时区 18/Jul/2012:17:00:01 +0800
$request 请求的URI和HTTP协议 "GET /article-10000.html HTTP/1.1"
$http_host 请求地址,即浏览器中你输入的地址(IP或域名) www.wang.com 192.168.100.100
$status HTTP请求状态 200
$upstream_status upstream状态 200
$body_bytes_sent 发送给客户端文件内容大小 1547
$http_referer url跳转来源 https://www.baidu.com/
$http_user_agent 用户终端浏览器等信息 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1; GTB7.0; .NET4.0C;
$ssl_protocol SSL协议版本 TLSv1
$ssl_cipher 交换数据中的算法 RC4-SHA
$upstream_addr 后台upstream的地址,即真正提供服务的主机地址 10.10.10.100:80
$request_time 整个请求的总时间 0.205
$upstream_response_time 请求过程中,upstream响应时间 0.002

反向代理获取IP

在使用 Nginx 反向代理后,应用代码中获取到的 IP 都是反向代理服务器的 IP,获取到的域名也是反向代理配置的 url 域名

nginx反向代理配置时,一般会添加下面的配置:

      proxy_set_header Host $host;       proxy_set_header X-Real-IP $remote_addr;       proxy_set_header REMOTE-HOST $remote_addr;       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Nginx 配置

# upstream这个模块提供一个简单方法来实现在轮询和客户端IP之间的后端服务器负荷平衡。
upstream abc.com {
    server 127.0.0.1:8080;
    server 127.0.0.1:80;
    server 127.0.0.1:8000;
}

server {
    listen 80;
    server_name www.test.com;
    location / {
        proxy_pass http://abc.com;
        proxy_set_header    Host                 $host;             #保留代理之前的host
        proxy_set_header    X-Real-IP            $remote_addr;      #保留代理之前的真实客户端ip
        proxy_set_header    X-Forwarded-For      $proxy_add_x_forwarded_for;
        proxy_set_header    HTTP_X_FORWARDED_FOR $remote_addr;  #在多级代理的情况下,记录每次代理之前的客户端真实ip
        proxy_set_header    X-Forwarded-Proto    $scheme;          #表示客户端真实的协议(http还是https)
        proxy_redirect      default;                               #指定修改被代理服务器返回的响应头中的location头域跟refresh头域数值
}

日志分析工具

goaccess

安装依赖

yum install glib2 glib2-devel GeoIP-devel  ncurses-devel zlib zlib-devel -y
wget https://github.com/maxmind/geoip-api-c/releases/download/v1.6.12/GeoIP-1.6.12.tar.gz
tar -zvxf GeoIP-1.6.12.tar.gz
cd GeoIP-1.6.12
./configure
make && make install

安装后如下图:

安装goaccess

官网看下版本: https://goaccess.io/download

wget https://tar.goaccess.io/goaccess-1.4.tar.gz
tar -xzvf goaccess-1.4.tar.gz
cd goaccess-1.4
./configure --enable-utf8 --enable-geoip=legacy
make && make install

安装完成后如下图:

格式化日志格式

  • 使用 nginx2goaccess.sh 脚本将 nginx 日志格式格式化为 goaccess 能识别的日志格式,脚本内容见附录一

  • 使用如下方式获取日志格式

# log_format 为你 nginx.conf 中配置的日志格式,需要去查看 Nginx配置里面的格式。
sh nginx2goaccess.sh '<log_format>'

#如:
sh nginx2goaccess.sh '$remote_addr - $remote_user [$time_local] "$http_host$request_uri" $status $request_time $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"'

  • 上面命令执行后,会输出一段内容,将内容复制下来,如下图所示

  • config 文件夹中新建一个配置文件

vim /root/goaccess-1.4/config/nginxlog.conf
# 输入上面复制的内容,保存即可
  • 生成统计页面

可以写个脚本定时生成统计页面

# 默认:
cd /root/goaccess-1.4/

./goaccess -f /var/log/nginx/access.log -p /root/goaccess-1.4/config/nginxlog.conf -o /usr/share/nginx/html/goaccess/report.html

# 生成中文统计页面
cd /root/goaccess-1.4/

LANG="zh_CN.UTF-8" bash -c "./goaccess -f /var/log/nginx/access.log -p /root/goaccess-1.4/config/nginxlog.conf -o /usr/share/nginx/html/goaccess/report.html"

访问 URL :http://106.15.238.9/goaccess/report.html

注: -f nginx 记录的日志文件 -p 指定日志格式文件,也就是那个配置文件 -o 输出到指定html文件 --real-time-html 实时刷新 --ws-url 绑定一个域名

附录一 nginx2goaccess.sh 脚本内容

#!/bin/bash
#
# Convert from this:
#   http://nginx.org/en/docs/http/ngx_http_log_module.html
# To this:
#   https://goaccess.io/man
#
# Conversion table:
#   $time_local         %d:%t %^
#   $host               %v
#   $http_host          %v
#   $remote_addr        %h
#   $request_time       %T
#   $request_method     %m
#   $request_uri        %U
#   $server_protocol    %H
#   $request            %r
#   $status             %s
#   $body_bytes_sent    %b
#   $bytes_sent         %b
#   $http_referer       %R
#   $http_user_agent    %u
#
# Samples:
#
# log_format combined '$remote_addr - $remote_user [$time_local] '
# '"$request" $status $body_bytes_sent '
# '"$http_referer" "$http_user_agent"';
#   ./nginx2goaccess.sh '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'
#
# log_format compression '$remote_addr - $remote_user [$time_local] '
# '"$request" $status $bytes_sent '
# '"$http_referer" "$http_user_agent" "$gzip_ratio"';
#   ./nginx2goaccess.sh '$remote_addr - $remote_user [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent" "$gzip_ratio"'
#
# log_format main
# '$remote_addr\t$time_local\t$host\t$request\t$http_referer\t$http_x_mobile_group\t'
# 'Local:\t$status\t$body_bytes_sent\t$request_time\t'
# 'Proxy:\t$upstream_cache_status\t$upstream_status\t$upstream_response_length\t$upstream_response_time\t'
# 'Agent:\t$http_user_agent\t'
# 'Fwd:\t$http_x_forwarded_for';
#   ./nginx2goaccess.sh '$remote_addr\t$time_local\t$host\t$request\t$http_referer\t$http_x_mobile_group\tLocal:\t$status\t$body_bytes_sent\t$request_time\tProxy:\t$upstream_cache_status\t$upstream_status\t$upstream_response_length\t$upstream_response_time\tAgent:\t$http_user_agent\tFwd:\t$http_x_forwarded_for'
#
# log_format main
# '${time_local}\t${remote_addr}\t${host}\t${request_method}\t${request_uri}\t${server_protocol}\t'
# '${http_referer}\t${http_x_mobile_group}\t'
# 'Local:\t${status}\t*${connection}\t${body_bytes_sent}\t${request_time}\t'
# 'Proxy:\t${upstream_status}\t${upstream_cache_status}\t'
# '${upstream_response_length}\t${upstream_response_time}\t${uri}${log_args}\t'
# 'Agent:\t${http_user_agent}\t'
# 'Fwd:\t${http_x_forwarded_for}';
#   ./nginx2goaccess.sh '${time_local}\t${remote_addr}\t${host}\t${request_method}\t${request_uri}\t${server_protocol}\t${http_referer}\t${http_x_mobile_group}\tLocal:\t${status}\t*${connection}\t${body_bytes_sent}\t${request_time}\tProxy:\t${upstream_status}\t${upstream_cache_status}\t${upstream_response_length}\t${upstream_response_time}\t${uri}${log_args}\tAgent:\t${http_user_agent}\tFwd:\t${http_x_forwarded_for}'
#
# Author: Rogério Carvalho Schneider <stockrt@gmail.com>

# Params
log_format="$1"

# Usage
if [[ -z "$log_format" ]]; then
    echo "Usage: $0 '<log_format>'"
    exit 1
fi

# Variables map
conversion_table="time_local,%d:%t_%^
host,%v
http_host,%v
remote_addr,%h
request_time,%T
request_method,%m
request_uri,%U
server_protocol,%H
request,%r
status,%s
body_bytes_sent,%b
bytes_sent,%b
http_referer,%R
http_user_agent,%u"

# Conversion
for item in $conversion_table; do
    nginx_var=${item%%,*}
    goaccess_var=${item##*,}
    goaccess_var=${goaccess_var//_/ }
    log_format=${log_format//\$\{$nginx_var\}/$goaccess_var}
    log_format=${log_format//\$$nginx_var/$goaccess_var}
done
log_format=$(echo "$log_format" | sed 's/${[a-z_]*}/%^/g')
log_format=$(echo "$log_format" | sed 's/$[a-z_]*/%^/g')

# Config output
echo "
- Generated goaccess config:
time-format %T
date-format %d/%b/%Y
log_format $log_format
"

# EOF

根据url的参数值进行转发

附录:

参考链接一:https://www.cnblogs.com/zhanjindong/archive/2014/01/23/3531733.html

参考链接二:https://blog.csdn.net/qq_31772441/article/details/107072652

# aaa.com

location /reservation/ {
    proxy_pass http://reservation-template.com/;
}

# reservation-template.com
server {
    listen        80;
    server_name  reservation-template.com;

    root   /www/reservation_template/public;

    add_header 'Access-Control-Allow-Origin' *;
    add_header 'Access-Control-Allow-Headers' *;
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' *;

    location / {
        index index.html index.htm index.php;
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        root /www/reservation_template;
        fastcgi_pass   127.0.0.1:9800;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  /www/reservation_template/public/$fastcgi_script_name;
        include        fastcgi_params;
    }
}

nginx配置跨域


server {
    server_name  demo.shuxiaoyuan.com;
    root /www/php_demo/public;
    index index.php;

    #允许跨域请求的域,* 代表所有
    add_header 'Access-Control-Allow-Origin' *;

    #允许请求的header
    add_header 'Access-Control-Allow-Headers' *;

    #允许带上cookie请求
    add_header 'Access-Control-Allow-Credentials' 'true';

    #允许请求的方法,比如 GET,POST,PUT,DELETE
    add_header 'Access-Control-Allow-Methods' *;

}