nginx 配置反向代理 + ssl 模板

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
server {
listen 80;
server_name abc.com;

location ^~ /.well-known/acme-challenge/ {
alias /xxx/xxx/;
try_files $uri =404;
}

location / { // 强制 https 重定向
rewrite ^(.*)$ https://$host$1 permanent;
}


}

server {
listen 443 ssl;
server_name abc.com;

location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

ssl on;
ssl_certificate /root/ssl/chained.pem;
ssl_certificate_key /root/ssl/domain.key;
}

// 静态网站
server {
listen 443 ssl;
server_name xxx.com;

root /www/xxx;
index index.html;
error_page 404 /404.html;

ssl on;
ssl_certificate /root/ssl/chained.pem;
ssl_certificate_key /root/ssl/domain.key;
}