# 80端口:仅处理HTTP请求,自动重定向到HTTPS server { listen 80; server_name jarvis.van333.cn; # 匹配域名 # 核心:HTTP请求永久重定向到HTTPS(301表示永久重定向) return 301 https://$host$request_uri; # 可选:记录重定向日志(便于排查) access_log /www/sites/jarvis.van333.cn/log/redirect.log main; } # 443端口:处理HTTPS请求,包含SSL配置和业务逻辑 server { listen 443 ssl; server_name jarvis.van333.cn; # 与80端口保持一致的域名 # 网站根目录和默认首页(保留你的业务配置) root /www/sites/jarvis.van333.cn/index; index index.html index.htm; # SSL证书配置(仅在443端口生效) ssl_certificate /www/common/ssl/jarvis.van333.cn/fullchain.cer; ssl_certificate_key /www/common/ssl/jarvis.van333.cn.key; # SSL安全配置(复用你的原有配置) ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256; # 日志配置 access_log /www/sites/jarvis.van333.cn/log/access.log main; error_log /www/sites/jarvis.van333.cn/log/error.log; # 静态资源缓存配置 location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { expires 1y; add_header Cache-Control "public, immutable"; try_files $uri =404; } # ========== 重要:后端API代理配置 ========== # 将所有API请求代理到后端服务器(解决混合内容问题) # 注意:这里的路径需要与前端 VUE_APP_BASE_API 配置一致 location /dev-api/ { proxy_pass http://127.0.0.1:30313/; # 后端服务地址 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $server_name; # WebSocket支持(如果需要) proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # 超时设置 proxy_connect_timeout 600s; proxy_send_timeout 600s; proxy_read_timeout 600s; } # Druid监控代理(如果需要) location /druid/ { proxy_pass http://127.0.0.1:30313/druid/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # Vue Router History模式支持(必须放在最后) location / { try_files $uri $uri/ /index.html; } # 404错误页面 error_page 404 /404.html; }