1

2025-11-05 12:54:35 +08:00
parent d7a71931a9
commit 2fab612906
4 changed files with 267 additions and 5 deletions
--- a/nginx-https.conf
+++ b/nginx-https.conf
@@ -0,0 +1,101 @@
+# 80端口：仅处理HTTP请求，自动重定向到HTTPS
+
+server {
+    listen 80;
+    server_name jarvis.van333.cn;  # 匹配域名
+
+    # 核心：HTTP请求永久重定向到HTTPS（301表示永久重定向）
+    return 301 https://$host$request_uri;
+
+    # 可选：记录重定向日志（便于排查）
+    access_log /www/sites/jarvis.van333.cn/log/redirect.log main;
+}
+
+# 443端口：处理HTTPS请求，包含SSL配置和业务逻辑
+
+server {
+    listen 443 ssl;
+    server_name jarvis.van333.cn;  # 与80端口保持一致的域名
+
+    # 网站根目录和默认首页（保留你的业务配置）
+    root /www/sites/jarvis.van333.cn/index;
+    index index.html index.htm;
+
+    # SSL证书配置（仅在443端口生效）
+    ssl_certificate /www/common/ssl/jarvis.van333.cn/fullchain.cer;
+    ssl_certificate_key /www/common/ssl/jarvis.van333.cn.key;
+
+    # SSL安全配置（复用你的原有配置）
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
+
+    # 日志配置
+    access_log /www/sites/jarvis.van333.cn/log/access.log main;
+    error_log /www/sites/jarvis.van333.cn/log/error.log;
+
+    # 静态资源缓存配置
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        try_files $uri =404;
+    }
+
+    # ========== 重要：后端API代理配置 ==========
+    # 将所有API请求代理到后端服务器（解决混合内容问题）
+    # 注意：这里的路径需要与前端 VUE_APP_BASE_API 配置一致
+    location /dev-api/ {
+        proxy_pass http://127.0.0.1:30313/;  # 后端服务地址
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Host $server_name;
+        
+        # WebSocket支持（如果需要）
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        
+        # 超时设置
+        proxy_connect_timeout 600s;
+        proxy_send_timeout 600s;
+        proxy_read_timeout 600s;
+    }
+
+    # Swagger API文档代理（如果需要）
+    location /v3/api-docs/ {
+        proxy_pass http://127.0.0.1:30313/v3/api-docs/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # Swagger UI代理（如果需要）
+    location /swagger-ui/ {
+        proxy_pass http://127.0.0.1:30313/swagger-ui/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # Druid监控代理（如果需要）
+    location /druid/ {
+        proxy_pass http://127.0.0.1:30313/druid/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # Vue Router History模式支持（必须放在最后）
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    # 404错误页面
+    error_page 404 /404.html;
+}
+