以下为无ssl证书配置的请求转发
server {
listen80;
server_name api.****.com;
#以下为指定请求域名匹配到某一个端口
#location~* /union {
#以下为全部转发到某一个端口
location/{
client_max_body_size 3000m;
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-PORT $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080;
proxy_redirect default;
proxy_connect_timeout3000;if ($http_origin ~ https://(.*).****.com){
set$allow_url $http_origin;
}if ($request_method =OPTIONS) {
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, HEAD";
# add_header Access-Control-Allow-Origin $allow_url;
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers "Cookie,Set-Cookie,Origin,X-Requested-With,token,authorization,Accept,Content-type";
add_header Access-Control-Allow-Credentials "true";
add_header Content-Type "text/plain; charset=utf-8";
add_header Content-Length 0;return 204;
}
}
}
以下为有ssl请求转发
server {
listen80;
server_name api.****.com;
rewrite^(.*)$ https://${server_name}$1 permanent;
}
server {
listen443;
server_name api.****.com;
ssl on;
ssl_certificate/etc/nginx/cert/api.pem;
ssl_certificate_key/etc/nginx/cert/api.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
#以下为指定请求域名匹配到某一个端口
#location~* /union {
#以下为全部转发到某一个端口
location/{
client_max_body_size 3000m;
proxy_next_upstream http_502 http_504 error timeout invalid_header;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Real-PORT $remote_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080;
proxy_redirect default;
proxy_connect_timeout3000;if ($request_method =OPTIONS) {
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS, HEAD";
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Headers "Cookie,Set-Cookie,Origin,X-Requested-With,token,authorization,Accept,Content-type";
add_header Access-Control-Allow-Credentials "true";
add_header Content-Type "text/plain; charset=utf-8";
add_header Content-Length 0;return 204;
}
}
}