server{
listen 443 ssl;
listen [::]:443 ssl;
listen 777 ssl;
listen [::]:777 ssl;
#对应你的域名
server_name tasks.voidspace.cn;
gzip on;
gzip_comp_level 4;
gzip_types application/javascript text/css application/json;
gzip_vary on;
gzip_static on;
ssl_certificate /home/orangepi/.acme.sh/*****.cer;
ssl_certificate_key /home/orangepi/.acme.sh/*****.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
#如果是静态文件,直接指向目录,如果是动态应用,用proxy_pass转发一下
location / {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_max_temp_file_size 0;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_pass http://localhost:58088;
}
}
|