2023-07-21 16:17:01 +08:00
|
|
|
|
|
|
|
user root;
|
|
|
|
worker_processes 1;
|
|
|
|
|
|
|
|
#error_log logs/error.log;
|
|
|
|
#error_log logs/error.log notice;
|
|
|
|
#error_log logs/error.log info;
|
|
|
|
|
|
|
|
#pid logs/nginx.pid;
|
|
|
|
events {
|
|
|
|
worker_connections 1024;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
http {
|
|
|
|
include mime.types;
|
|
|
|
default_type application/octet-stream;
|
|
|
|
|
|
|
|
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
|
|
|
# '$status $body_bytes_sent "$http_referer" '
|
|
|
|
# '"$http_user_agent" "$http_x_forwarded_for"';
|
|
|
|
|
|
|
|
#access_log logs/access.log main;
|
|
|
|
rewrite_log on;
|
|
|
|
sendfile on;
|
|
|
|
#tcp_nopush on;
|
|
|
|
|
|
|
|
keepalive_timeout 65;
|
|
|
|
|
|
|
|
gzip on;
|
|
|
|
gzip_types application/octet-stream text/markdown text/plain application/json application/x-javascript text/css application/xml text/javascript application/javascript application/x-httpd-php image/jpeg image/gif image/png;
|
|
|
|
|
2023-11-05 19:01:15 +08:00
|
|
|
upstream twikoo {
|
2023-07-21 16:17:01 +08:00
|
|
|
server 127.0.0.1:8080;
|
|
|
|
}
|
|
|
|
|
|
|
|
upstream wiznote {
|
|
|
|
server 127.0.0.1:8081;
|
|
|
|
}
|
|
|
|
|
|
|
|
upstream gitea {
|
|
|
|
server 127.0.0.1:8082;
|
|
|
|
}
|
|
|
|
|
2023-11-05 19:01:15 +08:00
|
|
|
upstream local {
|
|
|
|
server 127.0.0.1:8083;
|
2023-07-21 16:17:01 +08:00
|
|
|
}
|
|
|
|
|
2023-11-18 18:08:16 +08:00
|
|
|
upstream speed_test {
|
|
|
|
server 127.0.0.1:8084;
|
2023-07-21 16:17:01 +08:00
|
|
|
}
|
|
|
|
|
2023-11-21 00:10:26 +08:00
|
|
|
upstream frp_pve {
|
|
|
|
server 127.0.0.1:8085;
|
|
|
|
}
|
|
|
|
|
2023-07-21 16:17:01 +08:00
|
|
|
init_by_lua_file lua/settings.lua;
|
|
|
|
|
|
|
|
server {
|
|
|
|
listen 443 ssl;
|
|
|
|
server_name wiznote.amass.fun;
|
|
|
|
|
|
|
|
ssl_certificate cert/9890678_wiznote.amass.fun.pem;
|
|
|
|
ssl_certificate_key cert/9890678_wiznote.amass.fun.key;
|
|
|
|
ssl_session_timeout 5m; #缓存有效期
|
|
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
|
|
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
|
|
|
|
ssl_prefer_server_ciphers on; #使用服务器端的首选算法
|
|
|
|
|
|
|
|
location / {
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
|
|
proxy_set_header Connection "upgrade";
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
proxy_set_header x-wiz-real-ip $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_pass http://wiznote;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-11-21 00:10:26 +08:00
|
|
|
server {
|
|
|
|
listen 443 ssl;
|
|
|
|
server_name pve.amass.fun;
|
|
|
|
|
|
|
|
ssl_certificate cert/pve.amass.fun.pem;
|
|
|
|
ssl_certificate_key cert/pve.amass.fun.key;
|
|
|
|
ssl_session_timeout 5m; #缓存有效期
|
|
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
|
|
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
|
|
|
|
ssl_prefer_server_ciphers on; #使用服务器端的首选算法
|
|
|
|
|
|
|
|
location / {
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
|
|
proxy_set_header Connection "upgrade";
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
proxy_set_header x-wiz-real-ip $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_pass https://frp_pve;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-07-21 16:17:01 +08:00
|
|
|
server {
|
|
|
|
listen 443 ssl;
|
|
|
|
server_name gitea.amass.fun;
|
|
|
|
|
2023-11-18 18:08:16 +08:00
|
|
|
client_header_timeout 120s;
|
|
|
|
client_body_timeout 120s;
|
|
|
|
client_max_body_size 512m;
|
|
|
|
|
2023-07-21 16:17:01 +08:00
|
|
|
ssl_certificate cert/gitea.amass.fun.pem;
|
|
|
|
ssl_certificate_key cert/gitea.amass.fun.key;
|
|
|
|
ssl_session_timeout 5m; #缓存有效期
|
|
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
|
|
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
|
|
|
|
ssl_prefer_server_ciphers on; #使用服务器端的首选算法
|
|
|
|
|
|
|
|
location / {
|
|
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_pass http://gitea;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
server {
|
|
|
|
listen 443 ssl;
|
2023-11-21 00:10:26 +08:00
|
|
|
server_name amass.fun;
|
2023-07-21 16:17:01 +08:00
|
|
|
|
2023-11-05 19:01:15 +08:00
|
|
|
ssl_certificate cert/amass.fun.pem;
|
|
|
|
ssl_certificate_key cert/amass.fun.key;
|
2023-07-21 16:17:01 +08:00
|
|
|
ssl_session_timeout 5m; #缓存有效期
|
|
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法
|
|
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议
|
|
|
|
ssl_prefer_server_ciphers on; #使用服务器端的首选算法
|
|
|
|
|
|
|
|
location / {
|
|
|
|
root amass_blog;
|
|
|
|
index index.html index.htm;
|
|
|
|
}
|
|
|
|
|
|
|
|
location /lua {
|
|
|
|
default_type text/html;
|
|
|
|
content_by_lua_file lua/helloworld.lua;
|
|
|
|
}
|
|
|
|
|
2023-11-21 00:10:26 +08:00
|
|
|
location = /api/login {
|
2023-07-21 16:17:01 +08:00
|
|
|
content_by_lua_file lua/login.lua;
|
|
|
|
}
|
|
|
|
|
|
|
|
location = /blog/profile {
|
|
|
|
content_by_lua_file lua/profile.lua;
|
|
|
|
}
|
|
|
|
|
|
|
|
location /video {
|
|
|
|
access_by_lua_file lua/access.lua;
|
|
|
|
proxy_pass http://local;
|
|
|
|
}
|
|
|
|
|
|
|
|
location /phtot_gallery {
|
|
|
|
proxy_pass http://local;
|
|
|
|
}
|
|
|
|
|
|
|
|
location = /blog/list {
|
|
|
|
header_filter_by_lua_block {
|
|
|
|
ngx.header.content_length = nil
|
|
|
|
}
|
|
|
|
body_filter_by_lua_file lua/blog_list.lua; # 过滤掉 隐私文件夹
|
|
|
|
proxy_pass http://local;
|
|
|
|
}
|
|
|
|
|
|
|
|
location = /search/website_collections {
|
|
|
|
content_by_lua_file lua/request_website_collections.lua;
|
|
|
|
}
|
|
|
|
|
|
|
|
location ~ /trigger-ci.+$ {
|
|
|
|
proxy_pass http://local;
|
|
|
|
}
|
|
|
|
|
|
|
|
location ~ /notify.*$ {
|
|
|
|
proxy_pass http://local;
|
|
|
|
}
|
|
|
|
|
2023-11-18 18:08:16 +08:00
|
|
|
location /speedtest {
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
proxy_set_header x-wiz-real-ip $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_pass http://speed_test;
|
|
|
|
}
|
|
|
|
location /backend {
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
proxy_set_header x-wiz-real-ip $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_pass http://speed_test;
|
|
|
|
}
|
2023-07-21 16:17:01 +08:00
|
|
|
location /InstallerRepository {
|
|
|
|
root .;
|
|
|
|
index index.html index.htm;
|
|
|
|
}
|
|
|
|
|
|
|
|
location /Younger/ChatRoom {
|
|
|
|
|
|
|
|
proxy_pass http://local;
|
|
|
|
|
|
|
|
proxy_http_version 1.1;
|
|
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
|
|
proxy_set_header Connection "Upgrade";
|
|
|
|
proxy_set_header Host $host;
|
|
|
|
proxy_read_timeout 1200s;
|
|
|
|
}
|
|
|
|
|
|
|
|
#error_page 404 /404.html;
|
|
|
|
|
|
|
|
# redirect server error pages to the static page /50x.html
|
|
|
|
#
|
2023-11-21 00:10:26 +08:00
|
|
|
error_page 500 502 503 504 /404.html;
|
|
|
|
location = /404.html {
|
|
|
|
root amass_blog;
|
2023-07-21 16:17:01 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
location ^~ /index/ {
|
|
|
|
try_files $uri /index.html;
|
|
|
|
}
|
|
|
|
|
|
|
|
location /wechat {
|
|
|
|
proxy_pass http://local;
|
|
|
|
}
|
|
|
|
|
|
|
|
location /twikoo {
|
|
|
|
proxy_pass http://twikoo;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-11-21 00:10:26 +08:00
|
|
|
server {
|
|
|
|
listen 80;
|
|
|
|
server_name pve.amass.fun;
|
|
|
|
rewrite ^(.*)$ https://pve.amass.fun$1 permanent;
|
|
|
|
}
|
|
|
|
|
2023-07-21 16:17:01 +08:00
|
|
|
server {
|
|
|
|
listen 80;
|
|
|
|
server_name wiznote.amass.fun;
|
|
|
|
rewrite ^(.*)$ https://wiznote.amass.fun$1 permanent;
|
|
|
|
}
|
|
|
|
|
|
|
|
server {
|
|
|
|
listen 80;
|
|
|
|
server_name gitea.amass.fun;
|
|
|
|
rewrite ^(.*)$ https://gitea.amass.fun$1 permanent;
|
|
|
|
}
|
|
|
|
|
|
|
|
server {
|
|
|
|
listen 80;
|
|
|
|
server_name amass.fun;
|
|
|
|
location /resource {
|
|
|
|
root .;
|
|
|
|
}
|
2023-11-18 18:08:16 +08:00
|
|
|
location /speedtest {
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
proxy_set_header x-wiz-real-ip $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_pass http://speed_test;
|
|
|
|
}
|
|
|
|
location /backend {
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
proxy_set_header x-wiz-real-ip $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_pass http://speed_test;
|
|
|
|
}
|
|
|
|
|
2023-07-21 16:17:01 +08:00
|
|
|
location / {
|
|
|
|
rewrite ^(.*)$ https://amass.fun$1 permanent;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|