80 lines
2.1 KiB
Plaintext
80 lines
2.1 KiB
Plaintext
server {
|
||
listen 80;
|
||
server_name dms.sggai.site;
|
||
|
||
location ^~ /.well-known/acme-challenge/ {
|
||
root /var/www;
|
||
default_type text/plain;
|
||
try_files $uri =404;
|
||
}
|
||
# 静态网站案例
|
||
# location / {
|
||
# root /var/www/dms.sggai.site;
|
||
# index index.html;
|
||
# try_files $uri $uri/ /index.html;
|
||
# }
|
||
|
||
# 反向代理案例
|
||
# location / {
|
||
# proxy_pass http://10.1.0.1:3001;
|
||
#
|
||
# proxy_set_header Host $host;
|
||
# proxy_set_header X-Real-IP $remote_addr;
|
||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||
#
|
||
# proxy_read_timeout 3600s;
|
||
# proxy_send_timeout 3600s;
|
||
# }
|
||
|
||
location / {
|
||
return 301 https://$host$request_uri;
|
||
}
|
||
}
|
||
server {
|
||
listen 443 ssl;
|
||
server_name dms.sggai.site;
|
||
|
||
ssl_certificate /etc/letsencrypt/live/dms.sggai.site/fullchain.pem;
|
||
ssl_certificate_key /etc/letsencrypt/live/dms.sggai.site/privkey.pem;
|
||
|
||
location / {
|
||
root /var/www/dms.sggai.site;
|
||
index index.html;
|
||
try_files $uri $uri/ /index.html;
|
||
}
|
||
}
|
||
server {
|
||
# 对外暴露的 HTTPS 端口
|
||
# 用户访问:https://dms.sggai.site:18083/
|
||
listen 18083 ssl;
|
||
|
||
# 只匹配这个域名
|
||
server_name dms.sggai.site;
|
||
|
||
ssl_certificate /etc/letsencrypt/live/dms.sggai.site/fullchain.pem;
|
||
ssl_certificate_key /etc/letsencrypt/live/dms.sggai.site/privkey.pem;
|
||
|
||
location / {
|
||
# 转发到局域网后端设备
|
||
# 这里是 http,表示 nginx 到 10.1.0.1 使用明文 HTTP
|
||
proxy_pass http://10.1.0.1:18083;
|
||
|
||
# 传递原始访问域名
|
||
# 如果后端需要带端口,建议用 $http_host
|
||
proxy_set_header Host $http_host;
|
||
|
||
# 传递客户端真实 IP
|
||
proxy_set_header X-Real-IP $remote_addr;
|
||
|
||
# 传递完整代理链 IP
|
||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||
|
||
# 告诉后端:用户外部访问协议是 HTTPS
|
||
proxy_set_header X-Forwarded-Proto https;
|
||
|
||
# 长连接/慢请求超时时间
|
||
proxy_read_timeout 3600s;
|
||
proxy_send_timeout 3600s;
|
||
}
|
||
}
|