upstream console.api{
server api:80;
}
upstream admin.api{
server admin-api:80;
}
upstream middle.api{
server dns-middleware-ws:80;
}
server {
listen 443 ssl;
server_name dev.api.xxx.com;
error_log /var/log/nginx/dev.api.xxx.com-error.log debug;
access_log /var/log/nginx/dev.api.xxx.com-access.log;
ssl_certificate /data/identify/dev.api.xxx.com.pem;
ssl_certificate_key /data/identify/dev.api.xxx.com.key;
# 默认版本号、子系统、请求路径
set $version v1; # 版本号 v开头,后面跟1~3个纯数字
set $subsystem console; # 子系统名,字母+中划线和点号组成,
set $subsystem_request_uri $request_uri;
# /子系统/path...
if ($request_uri ~* "^/([a-z]\w+[a-z0-9]+)/(.*)"){
set $subsystem $1;
set $subsystem_request_uri $2;
}
# /子系统/版本号/path...
if ($request_uri ~* "^/([a-z]\w+[a-z0-9]+)/(v[0-9]{1,3})/(.*)"){
set $subsystem $1;
set $version $2;
set $subsystem_request_uri $3;
}
# 如果所以的子系统都不匹配,设置成默认的子系统
if ($subsystem !~* "^(console|admin|middle)$"){
set $subsystem console;
}
# 配置 socket
location ~* "/middle/(v[0-9]{1,3}/)?ws" { # 中间件的 webSocket 配置
proxy_pass http://$subsystem.api/$subsystem_request_uri;
proxy_http_version 1.1; #WebSocket
proxy_set_header Upgrade $http_upgrade; #WebSocket
proxy_set_header Connection $connection_upgrade; #WebSocket
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Version $version;
proxy_set_header Host $host:$server_port;
}
# 统一代理到 http://$subsystem/path,去掉子系统名和
location / { # 目前已经实现的子系统
proxy_pass http://$subsystem.api/$subsystem_request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Version $version;
proxy_set_header Host $host:$server_port;
}
}