Nginx配置
配置 https
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
server {
listen 443 ssl; # 1.1版本后这样写
server_name lichaocheng.top; #填写绑定证书的域名
ssl_certificate /opt/lichaocheng.top/lichaocheng.top/sll/lichaocheng.top.pem; # 指定证书的位置,绝对路径
ssl_certificate_key /opt/lichaocheng.top/lichaocheng.top/sll/lichaocheng.top.key; # 绝对路径,同上
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
ssl_prefer_server_ciphers on;
location / {
root /opt/lichaocheng.top/lichaocheng.top; #站点目录,绝对路径
index index.html index.htm;
}
}
server {
listen 443 ssl; # 1.1版本后这样写
server_name hr.lichaocheng.top; #填写绑定证书的域名
ssl_certificate /opt/client/hrclient/office/sll/hr.lichaocheng.top.pem;
ssl_certificate_key /opt/client/hrclient/office/sll/hr.lichaocheng.top.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
ssl_prefer_server_ciphers on;
location / {
root /opt/client/hrclient/office/office; #站点目录,绝对路径
index index.html index.htm;
}
}
配置 http
1
2
3
4
5
6
7
8
9
server{
listen 80;
server_name www.lichaocheng.top;
location / {
root /opt/gopath/src/Cc360428/lichaocheng.top;
index index.html index.htm;
#proxy_pass http://127.0.0.1:80;
}
}
http 强制 https
1
2
3
4
5
server{
listen 80;
server_name lichaocheng.top;
rewrite ^(.*)$ https://$host$1 permanent;
}
https 转发内部接口
/opt/gopath/src/GolangCodeFile/hrBeegoServer/conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
server{
listen 443 ssl ;
server_name hrapi.lichaocheng.top;
ssl_certificate /opt/gopath/src/GolangCodeFile/hrBeegoServer/conf/hrapi.lichaocheng.top.pem;
ssl_certificate_key /opt/gopath/src/GolangCodeFile/hrBeegoServer/conf/hrapi.lichaocheng.top.key;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://0.0.0.0:18080;
}
}
server{
listen 443 ssl ;
server_name meserver.lichaocheng.top;
ssl_certificate /opt/lichaocheng.top/lichaocheng.top.server/conf/meserver.lichaocheng.top.pem;
ssl_certificate_key /opt/lichaocheng.top/lichaocheng.top.server/conf/meserver.lichaocheng.top.key;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://0.0.0.0:8180;
}
}
https
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
server {
listen 443 ssl; # 1.1版本后这样写
server_name blog.lichaocheng.top; #填写绑定证书的域名
ssl_certificate "/opt/client/bogl.lichaocheng.top/sll/blog.lichaocheng.top.csr";
ssl_certificate_key "/opt/client/bogl.lichaocheng.top/sll/blog.lichaocheng.top.key";
#ssl_session_timeout 5m;
#ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
#ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
#ssl_prefer_server_ciphers on;
location / {
root /opt/client/bogl.lichaocheng.top/public;
index index.html index.htm;
}
}
server {
listen 443;
server_name blog.lichaocheng.top; #填写绑定证书的域名
ssl on;
ssl_certificate /opt/client/bogl.lichaocheng.top/sll/blog.lichaocheng.top.crt;#填写你的证书所在的位置
ssl_certificate_key /opt/client/bogl.lichaocheng.top/sll/blog.lichaocheng.top.key;#填写你的key所在的位置
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照这个套件配置
ssl_prefer_server_ciphers on;
location / {
root /opt/client/bogl.lichaocheng.top/public;
index index.html index.htm;
}
}
http 转发内部接口
1
2
3
4
5
6
7
server{
listen 80;
server_name frp.lichaocheng.top;
location / {
proxy_pass http://0.0.0.0:9000;
}
}
端口映射
1
2
3
4
5
6
stream {
server {
listen 8836;
proxy_pass localhost:3306;
}
}
This post is licensed under
CC BY 4.0
by the author.