server {
    listen       80;
    server_name  blog.powerrain.cn;
    return 301 https://blog.powerrain.cn$request_uri;
}

server {
    #SSL 访问端口号为 443
    listen 443 ssl http2;    #填写绑定证书的域名
    server_name blog.powerrain.cn;
    #证书文件名称
    ssl_certificate 1_blog.powerrain.cn_bundle.crt;
    #私钥文件名称
    ssl_certificate_key 2_blog.powerrain.cn.key;
    ssl_session_timeout 5m;
    #请按照这个协议配置
    ssl_protocols  TLSv1.1 TLSv1.2;
    add_header Strict-Transport-Security "max-age=31536000";
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
    ssl_prefer_server_ciphers on;
    location / {
      proxy_pass http://127.0.0.1:8100;
    }
}