leadmuta
/
Config


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697
							##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
# ==============================================
# 1. git.leadmuta.com → 转发到本地 3000 端口
# ==============================================
server {
    listen 80;
    server_name git.leadmuta.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name git.leadmuta.com;

    # SSL 证书路径（改成你自己的）
    ssl_certificate /etc/nginx/ssl/git.leadmuta.com.pem;
    ssl_certificate_key /etc/nginx/ssl/git.leadmuta.com.key;

    # 反向代理 → 3000 端口
    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 600;
    }
}

# ==============================================
# 2. www.leadmuta.com → 主站（静态网站/你自己的服务）
# ==============================================
server {
    listen 80;
    server_name www.leadmuta.com leadmuta.com;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    server_name www.leadmuta.com;

    # SSL 证书路径（改成你自己的）
    ssl_certificate /etc/nginx/ssl/www.leadmuta.com.pem;
    ssl_certificate_key /etc/nginx/ssl/www.leadmuta.com.key;

    # 安全优化（不用改）
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    # 网站根目录
    root /var/www/html;
    index index.html index.htm;

    location / {
        try_files $uri $uri/ =404;
    }
}

# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#	listen 80;
#	listen [::]:80;
#
#	server_name example.com;
#
#	root /var/www/example.com;
#	index index.html;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}