zhaoyingbo/nodebook
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nodebook/Miscellaneous/nginx_pi.conf
RainSun 042986e3fa update
2020-02-29 17:29:42 +08:00

210 lines
6.7 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

server {
listen 80;
server_name canary.moe;
return 301 https://canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/home.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name canary.moe;
#证书文件名称
ssl_certificate 1_canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
#请按照这个套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
root /home/pi/data/wwwroot;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi.conf;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
access_log /home/pi/data/nginx/logs/home443.log;
}
server {
listen 80;
server_name ccb.canary.moe;
return 301 https://ccb.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/ccb.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name ccb.canary.moe;
#证书文件名称
ssl_certificate 1_ccb.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_ccb.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
#请按照这个套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
root /home/pi/data/ccb/foreEnd;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api/ {
proxy_pass http://127.0.0.1:5005;
}
location /download/ {
alias /home/pi/data/ccb/assets/;
}
access_log /home/pi/data/nginx/logs/ccb443.log;
}
server {
listen 80;
server_name pi.powerrain.cn;
return 301 https://pi.powerrain.cn$request_uri;
access_log /home/pi/data/nginx/logs/pi.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name pi.powerrain.cn;
#证书文件名称
ssl_certificate 1_pi.powerrain.cn_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_pi.powerrain.cn.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
#请按照这个套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:3000;
}
location /html {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
try_files $uri $uri/ =404;
}
access_log /home/pi/data/nginx/logs/pi443.log;
}
server {
listen 80;
server_name coc.canary.moe;
return 301 https://coc.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/coc.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name coc.canary.moe;
#证书文件名称
ssl_certificate 1_coc.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_coc.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
location / {
root /home/pi/data/coc/foreEnd;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api {
proxy_pass http://127.0.0.1:5003;
}
location /api/photo/show/ {
alias /home/pi/data/coc/backEnd/upload/;
}
access_log /home/pi/data/nginx/logs/coc443.log;
}
server {
listen 80;
server_name pan.canary.moe;
return 301 https://pan.canary.moe$request_uri;
access_log /home/pi/data/nginx/logs/pan.log;
}
server {
#SSL 访问端口号为 443
listen 443 ssl http2; #填写绑定证书的域名
server_name pan.canary.moe;
#证书文件名称
ssl_certificate 1_pan.canary.moe_bundle.crt;
#私钥文件名称
ssl_certificate_key 2_pan.canary.moe.key;
ssl_session_timeout 5m;
#请按照这个协议配置
ssl_protocols TLSv1.1 TLSv1.2;
add_header Strict-Transport-Security "max-age=31536000";
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_prefer_server_ciphers on;
root /home/pi/data/owncloud;
index index.php index.htm;
client_max_body_size 10G;
fastcgi_buffers 64 4K;
gzip off;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
deny all;
}
location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ /index.php;
}
location ~ \.php(?:$|/) {
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
#ifastcgi_pass php-handler;
}
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
access_log /home/pi/data/nginx/logs/pan443.log;
}
Reference in New Issue View Git Blame Copy Permalink