项目使用nginx代理,配置nginx.conf,使项目支持https协议,前后端无需改动。
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
# another virtual host using mix of IP-, name-, and port-based configuration
server{
listen 80;
# 服务器地址
server_name 1.1.1.1;
rewrite ^(.*) https://$http_host$request_uri? permanent;
}
# HTTPS server
#
server {
listen 443 ssl;
# 服务器地址
server_name 1.1.1.1;
#替换为申请的证书存放的位置
ssl_certificate /usr/local/nginx/conf/server.crt;
add_header Content-Security-Policy "upgrade-insecure-requests";
#替换为申请的证书存放的位置
ssl_certificate_key /usr/local/nginx/conf/server.key;
#ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
root html/dist;
#autoindex on;
index index.html;
try_files $uri $uri/ /index.html;
#error_page 405 =200 @405;
#proxy_pass http://1.1.1.1:8088;
}
location ^~/api/ {
proxy_pass http://1.1.1.1:8088;
proxy_set_header Host $host;
add_header X-Real-IP $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ^~/disk/files/ {
#注:linux服务器上资源文件存放的位置,前端访问文件的接口需去掉端口号
alias /disk/files/;
}
}
}