From cd1e47f34daf3504236800aaf06e5e0bebf87ed5 Mon Sep 17 00:00:00 2001 From: amass <168062547@qq.com> Date: Sun, 2 Jun 2024 23:32:41 +0800 Subject: [PATCH] add proxy for homebox. --- Server/conf/nginx.conf | 87 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 87 insertions(+) diff --git a/Server/conf/nginx.conf b/Server/conf/nginx.conf index 1a42eea..bfb31f1 100644 --- a/Server/conf/nginx.conf +++ b/Server/conf/nginx.conf @@ -147,6 +147,93 @@ http { } } + server { + listen 443 ssl; + server_name money.amass.fun; + + client_header_timeout 120s; + client_body_timeout 120s; + + ssl_certificate cert/money.amass.fun.pem; + ssl_certificate_key cert/money.amass.fun.key; + ssl_session_timeout 5m; #缓存有效期 + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议 + ssl_prefer_server_ciphers on; #使用服务器端的首选算法 + + location / { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header x-wiz-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://frp_http_proxy; + } + } + + server { + listen 443 ssl; + server_name money-mobile.amass.fun; + + client_header_timeout 120s; + client_body_timeout 120s; + + ssl_certificate cert/money-mobile.amass.fun.pem; + ssl_certificate_key cert/money-mobile.amass.fun.key; + ssl_session_timeout 5m; #缓存有效期 + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议 + ssl_prefer_server_ciphers on; #使用服务器端的首选算法 + + location / { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header x-wiz-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://frp_http_proxy; + } + } + + server { + listen 443 ssl; + server_name zainaer.amass.fun; + + client_header_timeout 120s; + client_body_timeout 120s; + + ssl_certificate cert/zainaer.amass.fun.pem; + ssl_certificate_key cert/zainaer.amass.fun.key; + ssl_session_timeout 5m; #缓存有效期 + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议 + ssl_prefer_server_ciphers on; #使用服务器端的首选算法 + + location / { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header x-wiz-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://frp_http_proxy; + } + } + + server { + listen 80; + server_name zainaer.amass.fun; + rewrite ^(.*)$ https://zainaer.amass.fun$1 permanent; + } + server { listen 80; server_name iot.amass.fun;