map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { #SSL 默认访问端口号为 443 listen 443 ssl; #请填写绑定证书的域名 server_name localhost; #请填写证书文件的相对路径或绝对路径 ssl_certificate bunny-web.site_bundle.crt; #请填写私钥文件的相对路径或绝对路径 ssl_certificate_key bunny-web.site.key; ssl_session_timeout 5m; #请按照以下协议配置 ssl_protocols TLSv1.2 TLSv1.3; #请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; location / { root /etc/nginx/html; index index.html index.htm; try_files $uri /index.html; } # 后端跨域请求 location ~/admin/ { proxy_pass http://172.17.0.1:8000; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # 后端跨域请求 location ~/api/v1/ { proxy_pass http://129.211.31.58:3000; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect http:// https://; } error_page 404 404.html; location = /50x.html { root html; } } server { listen 80 ; listen [::]:80; server_name localhost; return 301 https://$host$request_uri; location / { root /etc/nginx/html; index index.html index.htm; try_files $uri /index.html; } # 后端跨域请求 location ~/admin/ { proxy_pass http://172.17.0.1:8000; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } error_page 404 404.html; location = /50x.html { root html; } }