Add pve proxy.

2023-11-21 00:10:26 +08:00 · 2023-11-21 00:10:26 +08:00 · 55097bcf75
commit 55097bcf75
parent 0e2cd89890
1 changed files with 39 additions and 5 deletions
--- a/Server/conf/nginx.conf
+++ b/Server/conf/nginx.conf
@ -50,6 +50,10 @@ http {
        server 127.0.0.1:8084;
    }

+    upstream frp_pve {
+        server 127.0.0.1:8085;
+    }
+
    init_by_lua_file lua/settings.lua;

    server {
@ -76,6 +80,30 @@ http {
        }
    }

+    server {
+        listen 443 ssl;
+        server_name pve.amass.fun;
+
+        ssl_certificate cert/pve.amass.fun.pem;
+        ssl_certificate_key cert/pve.amass.fun.key;
+        ssl_session_timeout 5m; #缓存有效期
+        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
+        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
+        ssl_prefer_server_ciphers on; #使用服务器端的首选算法
+        
+        location / {
+            proxy_http_version 1.1;
+            proxy_set_header Upgrade $http_upgrade;
+            proxy_set_header Connection "upgrade";
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header x-wiz-real-ip $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header Host $http_host;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_pass https://frp_pve;
+        }
+    }
+
    server {
        listen 443 ssl;
        server_name gitea.amass.fun;
@ -100,7 +128,7 @@ http {

    server {
        listen 443 ssl;
-        server_name 127.0.0.1;
+        server_name amass.fun;

        ssl_certificate cert/amass.fun.pem;
        ssl_certificate_key cert/amass.fun.key;
@ -119,7 +147,7 @@ http {
            content_by_lua_file lua/helloworld.lua;
        }

-        location = /blog/login {
+        location = /api/login {
            content_by_lua_file lua/login.lua;
        }

@ -192,9 +220,9 @@ http {

        # redirect server error pages to the static page /50x.html
        #
-        error_page 500 502 503 504 /50x.html;
-        location = /50x.html {
-            root html;
+        error_page 500 502 503 504 /404.html;
+        location = /404.html {
+            root amass_blog;
        }

        location ^~ /index/ {
@ -210,6 +238,12 @@ http {
        }
    }

+    server {
+        listen 80;
+        server_name pve.amass.fun;
+        rewrite ^(.*)$ https://pve.amass.fun$1 permanent;
+    }
+
    server {
        listen 80;
        server_name wiznote.amass.fun;