配置文件如下:
user www;
worker_processes 1;
pid logs/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$google"';
access_log logs/access.log main;
access_log off;
include mime.types;
default_type application/octet-stream;
client_max_body_size 5M;
client_body_buffer_size 256K;
types_hash_max_size 2048;
#设定DNS
resolver [2001:4860:4860::8888] [2001:4860:4860::8844];
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
proxy_connect_timeout 5;
proxy_read_timeout 60;
proxy_send_timeout 5;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
#proxy_temp_file_write_size 128k;
#proxy_temp_path /var/nginx_cache/temp;
#设定缓存的路径和其他参数,http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_path
#proxy_cache_path /var/nginx_cache/cache levels=1:2 keys_zone=one:16m inactive=1d max_size=512m;
#设定复用SSL会话
proxy_ssl_session_reuse on;
proxy_redirect off;
proxy_ssl_server_name on;
#缓存key规则,用于自动清除缓存
proxy_cache_key $scheme://$host$request_uri;
#缓存区名称,设定于proxy_cache_path
#proxy_cache one;
#200 304状态缓存3小时
proxy_cache_valid 200 304 10m;
#301状态缓存3天
proxy_cache_valid 301 3d;
#其他状态缓存(如502 404)1分钟
proxy_cache_valid any 0s;
#当后端出现错误、超时、502状态时启用过期缓存
proxy_cache_use_stale invalid_header error timeout http_502;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:AES128+EECDH:AES128+EDH:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_cache shared:SSL:10m;
add_header Strict-Transport-Security max-age=63072000;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
# 勾勾
upstream gogo {
server 127.0.0.1:4999;
}
server {
listen 5000 ssl;
server_name 176.122.157.73;
ssl_certificate cert/176.122.157.73.crt;
ssl_certificate_key cert/176.122.157.73.key;
location / {
proxy_pass http://gogo;
#proxy_pass https://176.122.157.73:5001;
}
}
#桌面版中文维基
server {
listen 3457 ssl;
server_name 176.122.157.73;
ssl_certificate cert/176.122.157.73.crt;
ssl_certificate_key cert/176.122.157.73.key;
location / {
#proxy_cache one;
proxy_pass https://zh.wikipedia.org;
proxy_buffering off;
proxy_cookie_domain zh.wikipedia.org $server_name:$server_port;
proxy_redirect https://zh.wikipedia.org/ /;
proxy_redirect https://zh.m.wikipedia.org/ https://$server_name:3458/;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header User-Agent $http_user_agent;
proxy_set_header Accept-Encoding "";
proxy_set_header referer "https://zh.wikipedia.org$request_uri";
#替换手机版视图为代理
subs_filter zh.m.wikipedia.org $server_name:3458 g;
subs_filter zh.wikipedia.org $server_name:$server_port g;
subs_filter en.m.wikipedia.org $server_name:5005 g;
subs_filter en.wikipedia.org $server_name:5004 g;
}
location https://zh.m.wikipedia.org/ {
rewrite ^/(.*) https://$server_name:3458/$1 permanent;
}
}
#移动版中文维基
server {
listen 3458 ssl;
server_name 176.122.157.73;
ssl_certificate cert/176.122.157.73.crt;
ssl_certificate_key cert/176.122.157.73.key;
location / {
#proxy_cache one;
proxy_pass https://zh.m.wikipedia.org;
proxy_buffering off;
proxy_redirect https://zh.m.wikipedia.org/ /;
proxy_cookie_domain zh.m.wikipedia.org $server_name:$server_port;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header User-Agent $http_user_agent;
proxy_set_header Accept-Encoding "";
proxy_set_header referer https://zh.m.wikipedia.org$request_uri;
#替换桌面版视图为代理
subs_filter zh.wikipedia.org $server_name:3457 g;
subs_filter zh.m.wikipedia.org $server_name:$server_port g;
subs_filter en.m.wikipedia.org $server_name:5005 g;
subs_filter en.wikipedia.org $server_name:5004 g;
}
}
#谷歌搜索
server {
listen 5001 ssl;
server_name 176.122.157.73;
set $google "";
rewrite_by_lua '
local googles = {
"www.google.is",
"www.google.dk",
"www.google.no",
"www.google.se",
"www.google.fi",
"www.google.ee",
"www.google.lv",
"www.google.lt",
"www.google.ie",
"www.google.co.uk",
"www.google.gg",
"www.google.je",
"www.google.im",
"www.google.fr",
"www.google.nl",
"www.google.be",
"www.google.lu",
"www.google.de",
"www.google.at",
"www.google.ch",
"www.google.li",
"www.google.pt",
"www.google.es",
"www.google.com.gi",
"www.google.ad",
"www.google.it",
"www.google.com.mt",
"www.google.sm",
"www.google.gr",
"www.google.ru",
"www.google.com.by",
"www.google.com.ua",
"www.google.pl",
"www.google.cz",
"www.google.sk",
"www.google.hu",
"www.google.si",
"www.google.hr",
"www.google.ba",
"www.google.me",
"www.google.rs",
"www.google.mk",
"www.google.bg",
"www.google.ro",
"www.google.md",
"www.google.mn",
"www.google.co.kr",
"www.google.co.jp",
"www.google.com.vn",
"www.google.la",
"www.google.com.kh",
"www.google.co.th",
"www.google.com.my",
"www.google.com.sg",
"www.google.com.bn",
"www.google.com.ph",
"www.google.co.id",
"www.google.kz",
"www.google.kg",
"www.google.com.tj",
"www.google.co.uz",
"www.google.tm",
"www.google.com.af",
"www.google.com.pk",
"www.google.com.np",
"www.google.co.in",
"www.google.com.bd",
"www.google.lk",
"www.google.mv",
"www.google.com.kw",
"www.google.com.sa",
"www.google.com.bh",
"www.google.ae",
"www.google.com.om",
"www.google.jo",
"www.google.co.il",
"www.google.com.lb",
"www.google.com.tr",
"www.google.az",
"www.google.am",
"www.google.co.ls",
"www.google.com.eg",
"www.google.com.ly",
"www.google.dz",
"www.google.co.ma",
"www.google.sn",
"www.google.gm",
"www.google.ml",
"www.google.bf",
"www.google.com.sl",
"www.google.ci",
"www.google.com.gh",
"www.google.tg",
"www.google.bj",
"www.google.ne",
"www.google.com.ng",
"www.google.sh",
"www.google.cm",
"www.google.td",
"www.google.cf",
"www.google.ga",
"www.google.cg",
"www.google.cd",
"www.google.it.ao",
"www.google.com.et",
"www.google.dj",
"www.google.co.ke",
"www.google.co.ug",
"www.google.co.tz",
"www.google.rw",
"www.google.bi",
"www.google.mw",
"www.google.co.mz",
"www.google.mg",
"www.google.sc",
"www.google.mu",
"www.google.co.zm",
"www.google.co.zw",
"www.google.co.bw",
"www.google.com.na",
"www.google.co.za",
"www.google.com.au",
"www.google.com.nf",
"www.google.co.nz",
"www.google.com.sb",
"www.google.com.fj",
"www.google.fm",
"www.google.ki",
"www.google.nr",
"www.google.tk",
"www.google.ws",
"www.google.as",
"www.google.to",
"www.google.nu",
"www.google.co.ck",
"www.google.com.do",
"www.google.tt",
"www.google.com.co",
"www.google.com.ec",
"www.google.co.ve",
"www.google.gy",
"www.google.com.pe",
"www.google.com.bo",
"www.google.com.py",
"www.google.com.br",
"www.google.com.uy",
"www.google.com.ar",
"www.google.cl",
"www.google.gl",
"www.google.ca",
"www.google.com",
"www.google.com.mx",
"www.google.com.gt",
"www.google.com.bz",
"www.google.com.sv",
"www.google.hn",
"www.google.com.ni",
"www.google.co.cr",
"www.google.com.pa",
"www.google.bs",
"www.google.com.cu",
"www.google.com.jm",
"www.google.ht"}
ngx.var.google = googles[ math.random( #googles )]';
ssl_certificate cert/176.122.157.73.crt;
ssl_certificate_key cert/176.122.157.73.key;
location / {
#代理设置
proxy_cookie_domain $google $server_name;
proxy_pass https://$google;
proxy_ssl_name $google;
#设定转发后端服务器的header
proxy_set_header Host $google;
proxy_set_header User-Agent $http_user_agent;
#proxy_set_header User-Agent "Mozilla/5.0 (compatible; MSIE 10.0; Windows Phone 8.0; Trident/6.0; IEMobile/10.0; ARM; Touch; NOKIA; Lumia 920)";
proxy_set_header Referer https://$google;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
#重定向
proxy_redirect https://$google Https://$server_name:$server_port;
#设定语言为大陆中文
proxy_set_header Accept-Language "zh-CN";
proxy_set_header referer https://$google$request_uri;
#去除跟踪
subs_filter ping=\"(.+?)\" '' ir;
subs_filter oncontextmenu=\"google.ctpacw.cm\(this\)\" '' ir;
subs_filter onmousedown=\"(.+?)\" '' ir;
#去除定位消息
subs_filter "<div class=\"smiUbb(.*?)<\/div>" '' ir;
#替换中文维基为代理
subs_filter zh.wikipedia.org $server_name:3457 g;
subs_filter zh.m.wikipedia.org $server_name:3458 g;
subs_filter en.m.wikipedia.org $server_name:5005 g;
subs_filter en.wikipedia.org $server_name:5004 g;
#替换Logo链接
subs_filter $google $server_name:$server_port g;
subs_filter www.google.com $server_name:$server_port g;
#替换文件类型
subs_filter_types text/css text/xml text/javascript;
}
}
#桌面版英文维基
server {
listen 5004 ssl;
server_name 176.122.157.73;
ssl_certificate cert/176.122.157.73.crt;
ssl_certificate_key cert/176.122.157.73.key;
location / {
#proxy_cache one;
proxy_pass https://en.wikipedia.org;
proxy_buffering off;
proxy_cookie_domain en.wikipedia.org $server_name:$server_port;
proxy_redirect https://en.wikipedia.org/ /;
proxy_redirect https://en.m.wikipedia.org/ https://$server_name:5005/;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header User-Agent $http_user_agent;
proxy_set_header Accept-Encoding "";
proxy_set_header referer "https://en.wikipedia.org$request_uri";
#替换手机版视图为代理
subs_filter en.m.wikipedia.org $server_name:5005 g;
subs_filter en.wikipedia.org $server_name:$server_port g;
subs_filter zh.wikipedia.org $server_name:3457 g;
subs_filter zh.m.wikipedia.org $server_name:3458 g;
}
location https://en.m.wikipedia.org/ {
rewrite ^/(.*) https://$server_name:5005/$1 permanent;
}
}
#移动版英文维基
server {
listen 5005 ssl;
server_name 176.122.157.73;
ssl_certificate cert/176.122.157.73.crt;
ssl_certificate_key cert/176.122.157.73.key;
location / {
#proxy_cache one;
proxy_pass https://en.m.wikipedia.org;
proxy_buffering off;
proxy_redirect https://en.m.wikipedia.org/ /;
proxy_cookie_domain en.m.wikipedia.org $server_name:$server_port;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header User-Agent $http_user_agent;
proxy_set_header Accept-Encoding "";
proxy_set_header referer https://en.m.wikipedia.org$request_uri;
#替换桌面版视图为代理
subs_filter en.wikipedia.org $server_name:5004 g;
subs_filter en.m.wikipedia.org $server_name:$server_port g;
subs_filter zh.wikipedia.org $server_name:3457 g;
subs_filter zh.m.wikipedia.org $server_name:3458 g;
}
}
# v2ray
server {
listen 53514 ssl;
server_name 176.122.157.73;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate cert/176.122.157.73.crt;
ssl_certificate_key cert/176.122.157.73.key;
location /9a00db84-636e-4653-b763-e0271e167b41 {
proxy_redirect off;
proxy_pass http://127.0.0.1:53513;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
# Show realip in v2ray access.log
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
(773 words)