Nginx 一主机多网站布署
配置https转发
localhost:80 => 433
433下分流,跟据Server_name转发
localhost:80 www.ppos.com ppos.com
localhost:8080 blog.ppos.com
#upstream weibo {
# server http://node-server:3001;
#}
upstream blog {
server 119.91.72.211:8080;
}
# 根据不同域名转发
server {
listen 80;
server_name ppos.top www.ppos.top;
return 301 https://ppos.top;
}
server {
listen 80;
server_name blog.ppos.top;
return 301 https://blog.ppos.top;
}
server {
listen 443 ssl http2;
server_name blog.ppos.top;
ssl on;
ssl_certificate /etc/nginx/certs/cert.pem;
ssl_certificate_key /etc/nginx/certs/privkey.pem;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
# blog地址在upstream里定义
location / {
proxy_pass http://blog;
proxy_set_header Host $host;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_buffering off;
proxy_set_header X-Forwarded-Proto $scheme; #没这个css不法转发
}
}
server {
listen 443 ssl http2;
server_name ppos.top www.ppos.top;
ssl on;
ssl_certificate /etc/nginx/certs/cert.pem;
ssl_certificate_key /etc/nginx/certs/privkey.pem;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# 后端代理
location ~ /api {
proxy_pass http://node-server:3001; #docker 容器地址
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
}
}
