map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

server {
    listen 8071;  # 监听 8071 端口
    server_name _;  # 运维机 的公网 IP

    allow 43.159.145.241;  # 只允许海外服务器的 IP 访问
    allow 49.51.46.148;
    allow 192.168.70.0/24;
    allow 127.0.0.1;
    deny all;              # 拒绝其他所有 IP

    access_log /data/tengine/logs/sit_8071_access.log;
    error_log /data/tengine/logs/sit_8071_error.log;

    location /ws {
        proxy_pass http://192.168.70.18:8071/ws;  # 反向代理到本地电脑的sit的8070

        # 必要的 WebSocket 头部
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

	# WebSocket 的长连接
        proxy_read_timeout 86400;
        proxy_send_timeout 86400;
    }
}