dxin/Work-configuration-file
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
30d0f291ab647e3822b81b7bc6e835dc83d587e2
Work-configuration-file/nginx/jennie.im.conf
dxin 0e593caf99 初始化提交
2025-10-07 15:58:15 +08:00

163 lines
5.4 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

upstream websocket_backend {
ip_hash;
server 106.53.194.199:8071;
}
# WebSocket代理配置
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# 1. 强制 HTTP 转 HTTPS统一跳转到 www.jennie.im
server {
listen 80;
server_name jennie.im www.jennie.im;
return 301 https://www.jennie.im$request_uri;
}
# 2. 统一将 jennie.im 重定向到 www.jennie.imHTTPS 保留)
server {
listen 443 ssl;
server_name jennie.im;
ssl_certificate /data/tengine/certificate/jennie.im.crt;
ssl_certificate_key /data/tengine/certificate/jennie.im.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
return 301 https://www.jennie.im$request_uri;
}
# 3. 正式服务站点https://www.jennie.im
server {
listen 443 ssl;
server_name www.jennie.im;
ssl_certificate /data/tengine/certificate/jennie.im.crt;
ssl_certificate_key /data/tengine/certificate/jennie.im.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
# 单独日志文件
access_log /data/tengine/logs/www_jennie_im_access.log;
error_log /data/tengine/logs/www_jennie_im_error.log;
location / {
root /data/tengine/html/jennie_web/dist/;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
# sit的支付模块
location /sit-api/payment/webhook/ {
proxy_pass http://106.53.194.199:8090; #运维机器的8010代理到sit的8090
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_intercept_errors off;
proxy_buffering off;
proxy_cache off;
proxy_set_header Connection keep-alive;
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
if ($request_method = OPTIONS ) {
return 204;
}
}
#国内test机器的邮件服务
location /test-api/webhook/ {
proxy_pass http://43.139.181.45:4997/webhook/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_intercept_errors off;
proxy_buffering off;
proxy_cache off;
proxy_set_header Connection keep-alive;
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
if ($request_method = OPTIONS ) {
return 204;
}
}
location /dev-api/webhook/ {
proxy_pass http://106.53.194.199:8091; #运维机器的8091代理到dev的8090
proxy_set_header Host 106.53.194.199;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_intercept_errors off;
proxy_buffering off;
proxy_cache off;
proxy_set_header Connection keep-alive;
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
if ($request_method = OPTIONS ) {
return 204;
}
}
# WebSocket代理
location /ws {
proxy_pass http://websocket_backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# WebSocket连接超时设置
proxy_read_timeout 86400;
proxy_send_timeout 86400;
}
# 处理 /sit-api/xxx转发到 127.0.0.1:5001 --> opt-server
location /sit-api/ {
proxy_pass http://127.0.0.1:5001;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#10响应缓冲
proxy_intercept_errors off;
proxy_buffering off;
proxy_cache off;
proxy_set_header Connection keep-alive;
#允许跨域
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,X-Requested-With,Accept,Origin' always;
#处理预检请求
if ($request_method = OPTIONS ) {
return 204;
}
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
Reference in New Issue View Git Blame Copy Permalink