#user  nobody;
worker_processes  2;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


#监听socket端口
stream{
    upstream market_server{
        hash $remote_addr consistent;
        server 49.234.13.106:28901;
    }
    server {
        listen 28901;
        proxy_pass market_server;
    }

    upstream otc_heart_server{
        hash $remote_addr consistent;
        server 49.234.13.106:28902;
    }
    server {
        listen 28902;
        proxy_pass otc_heart_server;
    }
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;
    server {
        listen              80;
        server_name         api.xxxx.com;
        rewrite ^(.*)$ https://$host$1 permanent;
        location / {
            add_header 'Access-Control-Allow-Origin' '*' always;
            proxy_pass      http://111.111.111.111:8801;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            break;
        }
    }

    server {
        listen       80;
        server_name  www.xxxx.com;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        rewrite ^(.*)$ https://$host$1 permanent;

        location / {
            root   html;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }

        location ~ .*.(eot|ttf|ttc|otf|eot|woff|woff2|svg)(.*) {
            add_header Access-Control-Allow-Origin http://www.xxxx.com;
        }

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    server {
        listen       80;
        server_name  xxxx.com;
        rewrite ^(.*)$ https://$host$1 permanent;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }

        location ~ .*.(eot|ttf|ttc|otf|eot|woff|woff2|svg)(.*) {
            add_header Access-Control-Allow-Origin http://www.xxxx.com;
        }

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    server {
        listen               443 ssl;
        server_name          www.xxxx.com;
        ssl                  on;
        ssl_certificate      /usr/local/nginx/ssl/1_www.xxxx.com_bundle.crt;
        ssl_certificate_key  /usr/local/nginx/ssl/2_www.xxxx.com.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers          ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!3DES:!aNULL:!eNULL;
        ssl_prefer_server_ciphers  on;
        location / {
            root   html;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
    }

    server {
        listen               443 ssl;
        server_name          xxxx.com;
        ssl                  on;
        ssl_certificate      /usr/local/nginx/ssl/1_www.xxxx.com_bundle.crt;
        ssl_certificate_key  /usr/local/nginx/ssl/2_www.xxxx.com.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers          ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!3DES:!aNULL:!eNULL;
        ssl_prefer_server_ciphers  on;
        location / {
            root   html;
            index  index.html index.htm;
            try_files $uri $uri/ /index.html;
        }
    }

    server {
        listen               443 ssl;
        server_name          api.xxxx.com;
        ssl                  on;
        ssl_certificate      /usr/local/nginx/ssl/1_api.xxxx.com_bundle.crt;
        ssl_certificate_key  /usr/local/nginx/ssl/2_api.xxxx.com.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers          ECDH:AESGCM:HIGH:!RC4:!DH:!MD5:!3DES:!aNULL:!eNULL;
        ssl_prefer_server_ciphers  on;
        location / {
            proxy_pass      http://49.234.13.106:8801;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            break;
        }
    }

    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    #    listen       8000;
    #    listen       somename:8080;
    #    server_name  somename  alias  another.alias;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

    # HTTPS server
    #
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;

    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;

    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;

    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;

    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}

}