server { listen 80; server_name y.com; rewrite ^(.*)$ https://${server_name}$1 permanent; } server { listen 443 ssl; server_name ysh.com; gzip on; gzip_static on; # 需要http_gzip_static_module 模块 gzip_min_length 1k; gzip_comp_level 4; gzip_proxied any; gzip_types text/plain text/xml text/css; gzip_vary on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; underscores_in_headers on; # 前端打包好的dist目录文件 root /data/bc-ui/; try_files $uri $uri/ /index.html; ssl_certificate /etc/nginx/cert/9828521_h.bay.com.pem; ssl_certificate_key /etc/nginx/cert/9828521_y.by.com.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS'; add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization'; # 若新增后端路由前缀注意在此处添加(|新增) location /admin/ { proxy_pass http://127.0.0.1:8080/; proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto http; } # 避免端点安全问题 if ($request_uri ~ "/actuator"){ return 403; } }
obs brose
minio