From e85245340198c456605bf3c6623e3f3a53731b18 Mon Sep 17 00:00:00 2001 From: amass <168062547@qq.com> Date: Sun, 10 Dec 2023 13:25:33 +0800 Subject: [PATCH] Add some proxy config. --- Server/conf/nginx.conf | 67 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) diff --git a/Server/conf/nginx.conf b/Server/conf/nginx.conf index 11111d5..2940d8e 100644 --- a/Server/conf/nginx.conf +++ b/Server/conf/nginx.conf @@ -30,6 +30,10 @@ http { gzip on; gzip_types application/octet-stream text/markdown text/plain application/json application/x-javascript text/css application/xml text/javascript application/javascript application/x-httpd-php image/jpeg image/gif image/png; + upstream frp_board { + server 127.0.0.1:7500; + } + upstream twikoo { server 127.0.0.1:8080; } @@ -54,6 +58,10 @@ http { server 127.0.0.1:8085; } + upstream frp_webdav { + server 127.0.0.1:8086; + } + init_by_lua_file lua/settings.lua; server { @@ -80,10 +88,41 @@ http { } } + server { + listen 443 ssl; + server_name frp.amass.fun; + + client_header_timeout 120s; + client_body_timeout 120s; + + ssl_certificate cert/frp.amass.fun.pem; + ssl_certificate_key cert/frp.amass.fun.key; + ssl_session_timeout 5m; #缓存有效期 + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议 + ssl_prefer_server_ciphers on; #使用服务器端的首选算法 + + location / { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header x-wiz-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://frp_board; + } + } + server { listen 443 ssl; server_name pve.amass.fun; + client_header_timeout 120s; + client_body_timeout 120s; + client_max_body_size 512m; + ssl_certificate cert/pve.amass.fun.pem; ssl_certificate_key cert/pve.amass.fun.key; ssl_session_timeout 5m; #缓存有效期 @@ -104,6 +143,34 @@ http { } } + server { + listen 443 ssl; + server_name webdav.amass.fun; + + client_header_timeout 120s; + client_body_timeout 120s; + client_max_body_size 512m; + + ssl_certificate cert/webdav.amass.fun.pem; + ssl_certificate_key cert/webdav.amass.fun.key; + ssl_session_timeout 5m; #缓存有效期 + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议 + ssl_prefer_server_ciphers on; #使用服务器端的首选算法 + + location / { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header x-wiz-real-ip $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass https://frp_webdav; + } + } + server { listen 443 ssl; server_name gitea.amass.fun;