zhaoyingbo/nodebook
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nodebook/Miscellaneous/nginx_pi.conf
RainSun f2820294c6 update
2020-04-02 17:29:57 +08:00

370 lines
12 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

server {
listen 80;
server_name canary.moe;
return 301 https://canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/home.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name canary.moe;
#证书文件名称
ssl_certificate 1_canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
#请按照这个套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
root /home/pi/data/wwwroot;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi.conf;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
access_log /home/pi/data/nginx/logs/home443.log;
}
server {
listen 80;
server_name ccb.canary.moe;
return 301 https://ccb.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/ccb.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name ccb.canary.moe;
#证书文件名称
ssl_certificate 1_ccb.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_ccb.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
#请按照这个套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
root /home/pi/data/ccb/foreEnd;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api/ {
proxy_pass http://127.0.0.1:5005;
}
location /download/ {
alias /home/pi/data/ccb/assets/;
}
access_log /home/pi/data/nginx/logs/ccb443.log;
}
server {
listen 80;
server_name pi.powerrain.cn;
return 301 https://pi.powerrain.cn$request_uri;
access_log /home/pi/data/nginx/logs/pi.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name pi.powerrain.cn;
#证书文件名称
ssl_certificate 1_pi.powerrain.cn_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_pi.powerrain.cn.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
#请按照这个套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:3000;
}
location /html {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
try_files $uri $uri/ =404;
}
access_log /home/pi/data/nginx/logs/pi443.log;
}
server {
listen 80;
server_name cloud.canary.moe;
return 301 https://cloud.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/cloud.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name cloud.canary.moe;
#证书文件名称
ssl_certificate 1_cloud.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_cloud.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://0.0.0.0:5299;
proxy_http_version 1.1;
proxy_read_timeout 360s;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /download {
alias /home/pi/data/baiducloud/Downloads/340047113_1144131090;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
autoindex_format html;
charset utf-8,gbk;
}
access_log /home/pi/data/nginx/logs/cloud443.log;
}
server {
listen 80;
server_name coc.canary.moe;
return 301 https://coc.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/coc.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name coc.canary.moe;
#证书文件名称
ssl_certificate 1_coc.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_coc.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
location / {
root /home/pi/data/coc/foreEnd;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://127.0.0.1:5003;
}
location /api/photo/show/ {
alias /home/pi/data/coc/backEnd/upload/;
}
access_log /home/pi/data/nginx/logs/coc443.log;
}
server {
listen 80;
server_name pan.canary.moe;
return 301 https://pan.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/pan.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name pan.canary.moe;
#证书文件名称
ssl_certificate 1_pan.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_pan.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
root /home/pi/data/nextcloud/nextcloud;
index index.php index.htm;
client_max_body_size 10G;
fastcgi_buffers 64 4K;
gzip off;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
deny all;
}
location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ /index.php;
}
location ~ \.php(?:$|/) {
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
#ifastcgi_pass php-handler;
}
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
access_log /home/pi/data/nginx/logs/pan443.log;
}
server {
listen 80;
server_name portainer.canary.moe;
return 301 https://portainer.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/portainer.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name portainer.canary.moe;
#证书文件名称
ssl_certificate 1_portainer.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_portainer.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:5006;
}
access_log /home/pi/data/nginx/logs/portainer443.log;
}
server {
listen 80;
server_name yg.canary.moe;
return 301 https://yg.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/yg.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name yg.canary.moe;
#证书文件名称
ssl_certificate 1_yg.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_yg.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
location / {
root /home/pi/data/yg/foreEnd;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /verify/ {
alias /home/pi/data/yg/adminForeEnd/;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /swagger/ {
alias /home/pi/data/yg/swagger/;
index index.html index.htm;
}
location /v1/ {
proxy_pass http://127.0.0.1:5007/;
}
location /photo/ {
alias /home/pi/data/yg/backEnd/upload/;
}
access_log /home/pi/data/nginx/logs/yg443.log;
}
server {
listen 80;
server_name aria.canary.moe;
return 301 https://aria.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/aria.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name aria.canary.moe;
#证书文件名称
ssl_certificate 1_aria.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_aria.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
location / {
root /home/pi/data/aria/yaaw/;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /rpc/ {
proxy_pass http://127.0.0.1:6800/;
}
location /download {
alias /home/pi/data/aria/download;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
autoindex_format html;
charset utf-8,gbk;
}
access_log /home/pi/data/nginx/logs/aria443.log;
}
# ccb http://127.0.0.1:5005
# pi http://127.0.0.1:3000
# cloud http://0.0.0.0:5299
# coc http://127.0.0.1:5003
# portainter http://127.0.0.1:5006
Reference in New Issue View Git Blame Copy Permalink