From 95a83cf43f7576b2c50f2de693a8c073e19a3143 Mon Sep 17 00:00:00 2001
From: dxin <dick@moonlanding.cc>
Date: Thu, 30 Oct 2025 11:31:05 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9Eapex=20nginx=20=E9=85=8D?=
 =?UTF-8?q?=E7=BD=AE=E6=96=87=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 nginx/apex.deeplink.media.conf | 47 ++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 nginx/apex.deeplink.media.conf

diff --git a/nginx/apex.deeplink.media.conf b/nginx/apex.deeplink.media.conf
new file mode 100644
index 0000000..bfbd201
--- /dev/null
+++ b/nginx/apex.deeplink.media.conf
@@ -0,0 +1,47 @@
+log_format apex_log '客户端IP: $remote_addr | 用户: $remote_user | 时间: $time_local | '
+                            '请求方法和路径: "$request" | 状态码: $status | 响应大小: $body_bytes_sent | '
+                            '来源页面: "$http_referer" | 客户端UA: "$http_user_agent" | '
+                            '上游服务器: $upstream_addr | 上游响应耗时: $upstream_response_time | '
+                            '请求总耗时: $request_time | Host: $host';
+
+server {
+    listen 443 ssl;
+    server_name apex.deeplink.media;
+
+    ssl_certificate     /data/tengine/conf/certificate/apex.deeplink.media_bundle.crt;
+    ssl_certificate_key /data/tengine/conf/certificate/apex.deeplink.media.key;
+
+    ssl_protocols       TLSv1.2 TLSv1.3;
+    ssl_ciphers         HIGH:!aNULL:!MD5;
+
+    # 单独日志文件
+    access_log /data/tengine/logs/apex_access.log apex_log;
+    error_log  /data/tengine/logs/apex_error.log;
+
+    location / {
+        proxy_pass         http://43.159.145.241:9007;
+        proxy_set_header   Host $host;
+        proxy_set_header   X-Real-IP $remote_addr;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Forwarded-Proto $scheme;
+
+        # 关键补充：WebSocket 转发必需配置
+        proxy_set_header   Upgrade $http_upgrade;  # 传递 Upgrade 头（触发WebSocket）
+        proxy_set_header   Connection "upgrade";   # 传递 Connection: upgrade 头
+        proxy_http_version 1.1;  # WebSocket 依赖 HTTP/1.1
+        proxy_buffering off;
+        proxy_cache off;
+        proxy_request_buffering off;
+
+        add_header 'Access-Control-Allow-Origin' "$http_origin" always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
+        add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
+    }
+}
+
+server {
+    listen 80;
+    server_name apex.deeplink.media;
+    return 301  https://$host$request_uri;
+}
\ No newline at end of file