映射后台接口
server {
listen 80;
listen 443 ssl;
server_name 域名/ip;
# 强制 HTTPS
if ($server_port !~ 443) {
rewrite ^(/.*)$ https://$host$1 permanent;
}
client_max_body_size 100m;
# SSL证书
ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
# =============== GZIP 开启(关键!)===============
gzip on; # 开启 Gzip
gzip_vary on; # 告诉 CDN/代理,内容因编码而异
gzip_min_length 1024; # 小于 1KB 不压缩(避免小文件负优化)
gzip_types
text/plain
text/css
application/json
application/javascript
text/xml
application/xml
application/xml+rss
image/svg+xml
text/javascript; # 指定要压缩的 MIME 类型
gzip_comp_level 6; # 压缩级别(1~9),6 是速度与压缩比平衡点
gzip_buffers 16 8k; # 设置压缩缓冲区
gzip_http_version 1.1; # 只对 HTTP/1.1 及以上启用
gzip_proxied no-cache no-store private expired auth; # 防止代理私有接口时出问题
# ==================================================
location / {
proxy_pass http://127.0.0.1:5001; # 映射接口地址:端口
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 可选:设置超时(避免卡死)
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
}映射vue项目
server {
listen 80;
listen 443 ssl;
server_name 域名/ip;
# HTTP 重定向到 HTTPS
if ($server_port !~ 443) {
return 301 https://$host$request_uri;
}
client_max_body_size 100m;
# SSL证书
ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
root /var/www/xxx/dist; # 不要在root下 不然会没有权限
# 访问页面500 排查 tail -f /var/log/nginx/error.log
index index.html;
# =============== GZIP 开启(关键!)===============
gzip on; # 开启 Gzip
gzip_vary on; # 告诉 CDN/代理,内容因编码而异
gzip_min_length 1024; # 小于 1KB 不压缩(避免小文件负优化)
gzip_types
text/plain
text/css
application/json
application/javascript
text/xml
application/xml
application/xml+rss
image/svg+xml
text/javascript; # 指定要压缩的 MIME 类型
gzip_comp_level 6; # 压缩级别(1~9),6 是速度与压缩比平衡点
gzip_buffers 16 8k; # 设置压缩缓冲区
gzip_http_version 1.1; # 只对 HTTP/1.1 及以上启用
gzip_proxied no-cache no-store private expired auth; # 防止代理私有接口时出问题
# ==================================================
# =============== SPA 路由支持(Vue Router history 模式)===
location / {
# 尝试访问路径,如果不存在则返回 index.html,支持前端路由刷新
try_files $uri $uri/ /index.html;
}
# =======================================================
# =============== 静态资源缓存(关键优化)===============
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2)$ {
expires 1y;
add_header Cache-Control "public, immutable";
access_log off;
}
# =======================================================
# 防止访问敏感文件
location ~ /\.(env|git|htaccess|htpasswd|config) {
deny all;
}
}映射lobeGPT
server {
listen 80;
listen 443 ssl;
server_name 域名/ip;
# 重定向 HTTP 请求到 HTTPS
if ($server_port !~ 443){
rewrite ^(/.*)$ https://$host$1 permanent;
}
client_max_body_size 100m;
ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
# =============== GZIP 开启(关键!)===============
gzip on; # 开启 Gzip
gzip_vary on; # 告诉 CDN/代理,内容因编码而异
gzip_min_length 1024; # 小于 1KB 不压缩(避免小文件负优化)
gzip_types
text/plain
text/css
application/json
application/javascript
text/xml
application/xml
application/xml+rss
image/svg+xml
text/javascript; # 指定要压缩的 MIME 类型
gzip_comp_level 6; # 压缩级别(1~9),6 是速度与压缩比平衡点
gzip_buffers 16 8k; # 设置压缩缓冲区
gzip_http_version 1.1; # 只对 HTTP/1.1 及以上启用
gzip_proxied no-cache no-store private expired auth; # 防止代理私有接口时出问题
# ==================================================
location / {
# 常规代理头部
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
# 映射到后端服务端口
proxy_pass http://127.0.0.1:3210;
# 可选:调整超时时间以适应长时间连接
proxy_read_timeout 60s;
proxy_send_timeout 60s;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
# Disable buffering to enable streaming
proxy_buffering off;
proxy_cache off;
proxy_set_header X-Accel-Buffering no;
}
}作者:admin 创建时间:2025-10-20 16:21
最后编辑:admin 更新时间:2025-11-12 09:10
最后编辑:admin 更新时间:2025-11-12 09:10
