Older/Server/conf/nginx.conf

user root;
worker_processes 1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;
events {
    worker_connections 1024;
}


http {
    include mime.types;
    default_type application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    rewrite_log on;
    sendfile on;
    #tcp_nopush     on;

    keepalive_timeout 65;

    gzip on;
    gzip_types application/octet-stream text/markdown text/plain application/json application/x-javascript text/css application/xml text/javascript application/javascript application/x-httpd-php image/jpeg image/gif image/png;

    upstream local {
        server 127.0.0.1:8081;
    }

    upstream twikoo {
        server 127.0.0.1:8082;
    }

    upstream gitea {
        server 127.0.0.1:8083;
    }

    upstream frp_http_proxy {
        server 127.0.0.1:8084;
    }

    upstream frp_board {
        server 127.0.0.1:8085;
    }

    upstream speed_test {
        server 127.0.0.1:8087;
    }

    upstream typesense {
        server 127.0.0.1:8108;
    }

    init_by_lua_file lua/settings.lua;

    server {
        listen 443 ssl;
        server_name unraid.amass.fun;

        client_header_timeout 120s;         
        client_body_timeout 120s;           

        ssl_certificate cert/unraid.amass.fun.pem;
        ssl_certificate_key cert/unraid.amass.fun.key;
        ssl_session_timeout 5m; #缓存有效期
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
        ssl_prefer_server_ciphers on; #使用服务器端的首选算法
        
        location / {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header x-wiz-real-ip $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://frp_http_proxy;
        }
    }

    server {
        listen 443 ssl;
        server_name chatgpt.amass.fun;

        client_header_timeout 120s;         
        client_body_timeout 120s;           

        ssl_certificate cert/chatgpt.amass.fun.pem;
        ssl_certificate_key cert/chatgpt.amass.fun.key;
        ssl_session_timeout 5m; #缓存有效期
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
        ssl_prefer_server_ciphers on; #使用服务器端的首选算法
        
        location / {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header x-wiz-real-ip $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://frp_http_proxy;
        }
    }

    server {
        listen 443 ssl;
        server_name pve.amass.fun;

        client_header_timeout 120s;         
        client_body_timeout 120s;           
        client_max_body_size 512m;   

        ssl_certificate cert/pve.amass.fun.pem;
        ssl_certificate_key cert/pve.amass.fun.key;
        ssl_session_timeout 5m; #缓存有效期
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
        ssl_prefer_server_ciphers on; #使用服务器端的首选算法
        
        location / {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header x-wiz-real-ip $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://frp_http_proxy;
        }
    }

    server {
        listen 443 ssl;
        server_name gitea.amass.fun;

        client_header_timeout 120s;         
        client_body_timeout 120s;           
        client_max_body_size 512m;   

        ssl_certificate cert/gitea.amass.fun.pem;
        ssl_certificate_key cert/gitea.amass.fun.key;
        ssl_session_timeout 5m; #缓存有效期
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
        ssl_prefer_server_ciphers on; #使用服务器端的首选算法
        
        location / {
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://gitea;
        }
    }

    server {
        listen 443 ssl;
        server_name typesense.amass.fun;

        client_header_timeout 120s;         
        client_body_timeout 120s;           
        client_max_body_size 512m;   

        ssl_certificate cert/typesense.amass.fun.pem;
        ssl_certificate_key cert/typesense.amass.fun.key;
        ssl_session_timeout 5m; #缓存有效期
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
        ssl_prefer_server_ciphers on; #使用服务器端的首选算法
        
        location / {
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://typesense;
        }
    }

    server {
        listen 443 ssl;
        server_name amass.fun;

        ssl_certificate cert/amass.fun.pem;
        ssl_certificate_key cert/amass.fun.key;
        ssl_session_timeout 5m; #缓存有效期
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
        ssl_prefer_server_ciphers on; #使用服务器端的首选算法

        location / {
            root amass_blog;
            index index.html index.htm;
        }

        location /lua {
            default_type text/html;
            content_by_lua_file lua/helloworld.lua;
        }

        location = /api/login {
            content_by_lua_file lua/login.lua;
        }

        location = /blog/profile {
            content_by_lua_file lua/profile.lua;
        }

        location /video {
            access_by_lua_file lua/access.lua;
            proxy_pass http://local;
        }

        location /phtot_gallery {
            proxy_pass http://local;
        }
        
        location ~ /api/v1/.*$ {
            proxy_pass http://local;
        }

        location = /search/website_collections {
            content_by_lua_file lua/request_website_collections.lua;
        }

        location ~ /trigger-ci.+$ {
            proxy_pass http://local;
        }

        location ~ /notify.*$ {
            proxy_pass http://local;
        }

        location /speedtest {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header x-wiz-real-ip $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://speed_test;
        }
        location /backend {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header x-wiz-real-ip $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://speed_test;
        }
        location /InstallerRepository {
            root .;
            index index.html index.htm;
        }

        location /Younger/ChatRoom {

            proxy_pass http://local;

            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "Upgrade";
            proxy_set_header Host $host;
            proxy_read_timeout 1200s;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page 500 502 503 504 /404.html;
        location = /404.html {
            root amass_blog;
        }

        location ^~ /index/ {
            try_files $uri /index.html;
        }

        location /wechat {
            proxy_pass http://local;
        }

        location /twikoo {
            proxy_pass http://twikoo;
        }

        location /frp/ {
            proxy_pass http://frp_board/;
            proxy_redirect /static/ /frp/static/;
        }
    }

    server {
        listen 80;
        server_name pve.amass.fun;
        rewrite ^(.*)$ https://pve.amass.fun$1 permanent;
    }

    server {
        listen 80;
        server_name gitea.amass.fun;
        rewrite ^(.*)$ https://gitea.amass.fun$1 permanent;
    }

    server {
        listen 80;
        server_name amass.fun;
        location /resource {
            root .;
        }
        location /speedtest {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header x-wiz-real-ip $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://speed_test;
        }
        location /backend {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header x-wiz-real-ip $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://speed_test;
        }

        location / {
            rewrite ^(.*)$ https://amass.fun$1 permanent;
        }
    }
}