#user nobody;
worker_processes 2;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 2048;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
proxy_request_buffering off;
proxy_buffering off;
client_max_body_size 100M;#最大请求长度
client_body_buffer_size 100M;
proxy_connect_timeout 600;#代理超时时间
proxy_send_timeout 600;
proxy_read_timeout 600;
server {
listen 80; #
listen 443 ssl;
server_name _;#通配server_name
server_tokens off;#隐藏ng服务版本
rewrite ^(.*) https://$server_name$1 permanent;
ssl_certificate ssl/证书.pem;
ssl_certificate_key ssl/证书密钥.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
add_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE, OPTIONS';
add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
add_header X-Xss-Protection "1;mode=block";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options nosniff;
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Download-Options noopen;
add_header Referrer-Policy no-referrer;
location / {
proxy_intercept_errors on;
}
location /BjCmaPark {
#proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header HOST $http_host;
proxy_pass http://localhost:81/BjCmaPark;
}
location /assets/ {
proxy_pass http://localhost:81/assets;
}
location /BjCmaPark-appdown {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:81/BjCmaPark-appdown;
}
location /BjCmaPark-api {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:81/BjCmaPark-api;
}
location /BjCmaParkapp {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:81/BjCmaParkapp;
}
location /BjCmaParkappService {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:81/BjCmaParkappService;
}
location /thsjxffw {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_pass http://localhost:81/thsjxffw;
}
# 定义 403 和 404 错误页面
error_page 403 /404.html;
error_page 404 /404.html;
# 定义除了 403 和 404 外的所有错误页面
error_page 400 401 402 405 500 501 502 503 504 /error.html;
location = /404.html {
root html;
internal;
}
location = /error.html {
root html;
internal;
}
}
}