You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
flyapps/nginx.conf.d/flyapps-vhost.conf

116 lines
3.5 KiB

proxy_set_header X-Forwarded-For $remote_addr;
client_max_body_size 2000m;
#keepalive_timeout 300;
server
{
listen 80;
listen 443 ssl http2;
server_name app.hehelucky.cn;
index index.html index.htm default.htm default.html;
root /data/fir_client;
if ($server_port !~ 443){
rewrite ^(/.*)$ https://$host$1 permanent;
}
ssl_certificate /etc/nginx/conf.d/app.hehelucky.cn.pem;
ssl_certificate_key /etc/nginx/conf.d/app.hehelucky.cn.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
# 如果未开启token 授权,可以启动下面配置,直接让nginx读取资源,无需 uwsgi 进行转发
# location ~ ^/download/ {
# root /data/flyapp/fir_ser/;
# rewrite ^/download/(.*) /files/$1 break;
# }
# 如果使用cdn,需要配置该选项
#set_real_ip_from 0.0.0.0/0;
#real_ip_header X-Forwarded-For;
location ~ ^/(download|api|files|udid|captcha|show_udid|flower) {
uwsgi_send_timeout 300; # 指定向uWSGI传送请求的超时时间,完成握手后向uWSGI传送请求的超时时间。
uwsgi_connect_timeout 300; # 指定连接到后端uWSGI的超时时间。
uwsgi_read_timeout 300; # 指定接收uWSGI应答的超时时间,完成握手后接收uWSGI应答的超时时间。
include uwsgi_params;
uwsgi_pass flyapps:8898;
uwsgi_param UWSGI_SCRIPT wsgi;
}
location ~ ^/(index|apps|user|login|register|supersign|home|reset) {
try_files $uri $uri/ /index.html;
}
location / {
try_files $uri $uri/ /short/short.html;
}
#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)
{
return 404;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
error_log off;
access_log /dev/null;
}
location ~ .*\.(js|css)?$
{
expires 12h;
error_log off;
access_log /dev/null;
}
access_log /var/log/nginx/flyapps_access.log;
error_log /var/log/nginx/flyapps_error.log;
}
server
{
listen 3448 ssl http2;
server_name app.hehelucky.cn;
index index.html index.htm default.htm default.html;
root /data/fir_admin;
ssl_certificate /etc/nginx/conf.d/app.hehelucky.cn.pem;
ssl_certificate_key /etc/nginx/conf.d/app.hehelucky.cn.key;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
error_page 497 https://$host$request_uri;
location ~ ^/(api|flower) {
uwsgi_send_timeout 300; # 指定向uWSGI传送请求的超时时间,完成握手后向uWSGI传送请求的超时时间。
uwsgi_connect_timeout 300; # 指定连接到后端uWSGI的超时时间。
uwsgi_read_timeout 300; # 指定接收uWSGI应答的超时时间,完成握手后接收uWSGI应答的超时时间。
include uwsgi_params;
uwsgi_pass flyapps:8898;
uwsgi_param UWSGI_SCRIPT wsgi;
}
location / {
}
access_log /var/log/nginx/fadmin_access.log;
error_log /var/log/nginx/fadmin_error.log;
}