dxin/Work-configuration-file
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Work-configuration-file/nginx/admin.scalelink.cn.conf
dxinn aab08068c3 2026-01-27同步
2026-01-27 18:21:17 +08:00

75 lines
2.6 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

server {
listen 443 ssl;
server_name admin.scalelink.cn;
ssl_certificate /data/tengine/conf/certificate/admin.scalelink.cn_bundle.crt;
ssl_certificate_key /data/tengine/conf/certificate/admin.scalelink.cn.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
# ========= 反误判 Header =========
add_header X-Robots-Tag "noindex, nofollow, nosnippet" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "DENY" always;
add_header Referrer-Policy "same-origin" always;
add_header X-Admin-System "Scalelink-Internal-Console" always;
add_header Server "Scalelink-Gateway" always;
# ========= 阻断搜索引擎 =========
location = /robots.txt {
default_type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
# ========= 前端 admin 页面 =========
location / {
root /data/tengine/html/fly_moon_web/dist;
index index.html index.htm;
try_files $uri $uri/ /index.html;
add_header X-Robots-Tag "noindex, nofollow, nosnippet" always;
add_header X-Admin-System "Scalelink-Internal-Console" always;
add_header X-Frame-Options "DENY" always;
add_header Referrer-Policy "same-origin" always;
# admin 页面不缓存(钓鱼站通常强缓存)
add_header Cache-Control "no-store, private";
}
location = /login {
limit_req zone=login_limit burst=5 nodelay;
try_files $uri $uri/ /index.html;
}
# ========= API原有逻辑 =========
location ^~ /prod-api {
client_max_body_size 100m;
proxy_pass http://43.153.21.64:8080;
proxy_set_header Host 43.153.21.64;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 3s;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
}
location /prod-api/monitor/job {
proxy_pass http://task_backend$uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 80;
server_name admin.scalelink.cn;
return 301 https://$host$request_uri;
}
Reference in New Issue View Git Blame Copy Permalink