|
|
@@ -0,0 +1,97 @@
|
|
|
+##
|
|
|
+# You should look at the following URL's in order to grasp a solid understanding
|
|
|
+# of Nginx configuration files in order to fully unleash the power of Nginx.
|
|
|
+# https://www.nginx.com/resources/wiki/start/
|
|
|
+# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
|
|
|
+# https://wiki.debian.org/Nginx/DirectoryStructure
|
|
|
+#
|
|
|
+# In most cases, administrators will remove this file from sites-enabled/ and
|
|
|
+# leave it as reference inside of sites-available where it will continue to be
|
|
|
+# updated by the nginx packaging team.
|
|
|
+#
|
|
|
+# This file will automatically load configuration files provided by other
|
|
|
+# applications, such as Drupal or Wordpress. These applications will be made
|
|
|
+# available underneath a path with that package name, such as /drupal8.
|
|
|
+#
|
|
|
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
|
|
|
+##
|
|
|
+
|
|
|
+# Default server configuration
|
|
|
+#
|
|
|
+# ==============================================
|
|
|
+# 1. git.leadmuta.com → 转发到本地 3000 端口
|
|
|
+# ==============================================
|
|
|
+server {
|
|
|
+ listen 80;
|
|
|
+ server_name git.leadmuta.com;
|
|
|
+ return 301 https://$host$request_uri;
|
|
|
+}
|
|
|
+
|
|
|
+server {
|
|
|
+ listen 443 ssl http2;
|
|
|
+ server_name git.leadmuta.com;
|
|
|
+
|
|
|
+ # SSL 证书路径(改成你自己的)
|
|
|
+ ssl_certificate /etc/nginx/ssl/git.leadmuta.com.pem;
|
|
|
+ ssl_certificate_key /etc/nginx/ssl/git.leadmuta.com.key;
|
|
|
+
|
|
|
+ # 反向代理 → 3000 端口
|
|
|
+ location / {
|
|
|
+ proxy_pass http://127.0.0.1:3000;
|
|
|
+ proxy_set_header Host $host;
|
|
|
+ proxy_set_header X-Real-IP $remote_addr;
|
|
|
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
+ proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
+ proxy_read_timeout 600;
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+# ==============================================
|
|
|
+# 2. www.leadmuta.com → 主站(静态网站/你自己的服务)
|
|
|
+# ==============================================
|
|
|
+server {
|
|
|
+ listen 80;
|
|
|
+ server_name www.leadmuta.com leadmuta.com;
|
|
|
+ return 301 https://$host$request_uri;
|
|
|
+}
|
|
|
+
|
|
|
+server {
|
|
|
+ listen 443 ssl http2;
|
|
|
+ server_name www.leadmuta.com;
|
|
|
+
|
|
|
+ # SSL 证书路径(改成你自己的)
|
|
|
+ ssl_certificate /etc/nginx/ssl/www.leadmuta.com.pem;
|
|
|
+ ssl_certificate_key /etc/nginx/ssl/www.leadmuta.com.key;
|
|
|
+
|
|
|
+ # 安全优化(不用改)
|
|
|
+ ssl_protocols TLSv1.2 TLSv1.3;
|
|
|
+ ssl_ciphers HIGH:!aNULL:!MD5;
|
|
|
+ ssl_prefer_server_ciphers on;
|
|
|
+
|
|
|
+ # 网站根目录
|
|
|
+ root /var/www/html;
|
|
|
+ index index.html index.htm;
|
|
|
+
|
|
|
+ location / {
|
|
|
+ try_files $uri $uri/ =404;
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+# Virtual Host configuration for example.com
|
|
|
+#
|
|
|
+# You can move that to a different file under sites-available/ and symlink that
|
|
|
+# to sites-enabled/ to enable it.
|
|
|
+#
|
|
|
+#server {
|
|
|
+# listen 80;
|
|
|
+# listen [::]:80;
|
|
|
+#
|
|
|
+# server_name example.com;
|
|
|
+#
|
|
|
+# root /var/www/example.com;
|
|
|
+# index index.html;
|
|
|
+#
|
|
|
+# location / {
|
|
|
+# try_files $uri $uri/ =404;
|
|
|
+# }
|
|
|
+#}
|
