http转https配置:
upstream web {
ip_hash;
server 127.0.0.1:8081;
}
server {
listen 8080;
server_name www.example.com;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate /home/xxxxx.crt;
ssl_certificate_key /home/xxxxx.key;
add_header Content-Security-Policy upgrade-insecure-requests;
client_max_body_size 100M;
proxy_set_header Host $host;
server_name_in_redirect off;
port_in_redirect off;
location / {
#add_header 'Access-Control-Allow-Origin' '*';
#add_header 'Access-Control-Allow-Methods' 'GET,POST,OPTIONS';
#add_header 'Access-Control-Allow-Headers' '*';
proxy_ignore_client_abort on;
proxy_pass http://web/;
proxy_intercept_errors on;
index index.html index.htm;
#以下是新增配置
proxy_connect_timeout 120;
proxy_send_timeout 300;
proxy_read_timeout 300;
#proxy_http_version 1.1;
#proxy_set_header Connection "";
}
error_page 500 502 503 504 /50.html;
error_page 400 404 /50.html;
location = /50.html{
root /etc/nginx;
}
location /img/**/pki-validation/ {
root /etc/nginx/ssh_txt;
index index.html index.htm;
}
location /.well-known/pki-validation/ {
root /home/ubuntu/fileauth;
index index.html index.htm;
}
}