diff --git a/Server/conf/nginx.conf b/Server/conf/nginx.conf index fb330d7..11111d5 100644 --- a/Server/conf/nginx.conf +++ b/Server/conf/nginx.conf @@ -50,6 +50,10 @@ http { server 127.0.0.1:8084; } + upstream frp_pve { + server 127.0.0.1:8085; + } + init_by_lua_file lua/settings.lua; server { @@ -76,6 +80,30 @@ http { } } + server { + listen 443 ssl; + server_name pve.amass.fun; + + ssl_certificate cert/pve.amass.fun.pem; + ssl_certificate_key cert/pve.amass.fun.key; + ssl_session_timeout 5m; #缓存有效期 + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议 + ssl_prefer_server_ciphers on; #使用服务器端的首选算法 + + location / { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header x-wiz-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass https://frp_pve; + } + } + server { listen 443 ssl; server_name gitea.amass.fun; @@ -100,7 +128,7 @@ http { server { listen 443 ssl; - server_name 127.0.0.1; + server_name amass.fun; ssl_certificate cert/amass.fun.pem; ssl_certificate_key cert/amass.fun.key; @@ -119,7 +147,7 @@ http { content_by_lua_file lua/helloworld.lua; } - location = /blog/login { + location = /api/login { content_by_lua_file lua/login.lua; } @@ -192,9 +220,9 @@ http { # redirect server error pages to the static page /50x.html # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root html; + error_page 500 502 503 504 /404.html; + location = /404.html { + root amass_blog; } location ^~ /index/ { @@ -210,6 +238,12 @@ http { } } + server { + listen 80; + server_name pve.amass.fun; + rewrite ^(.*)$ https://pve.amass.fun$1 permanent; + } + server { listen 80; server_name wiznote.amass.fun;