From 31248e8ef9911dfc03f504114cb221789021b367 Mon Sep 17 00:00:00 2001 From: sunpeng Date: Thu, 15 May 2025 13:02:53 +0800 Subject: [PATCH] xx --- nginx/vhosts/airmonitor.conf | 41 +++++ nginx/vhosts/airport.conf | 50 +++++ nginx/vhosts/airportdev.conf | 51 ++++++ nginx/vhosts/alert.conf | 47 +++++ nginx/vhosts/all.conf.back | 346 +++++++++++++++++++++++++++++++++++ nginx/vhosts/business.conf | 53 ++++++ nginx/vhosts/consul.conf | 24 +++ nginx/vhosts/dsp.conf | 171 +++++++++++++++++ nginx/vhosts/freeway.conf | 86 +++++++++ nginx/vhosts/gis360.conf | 24 +++ nginx/vhosts/hhz.conf | 65 +++++++ nginx/vhosts/oidc-web.conf | 40 ++++ nginx/vhosts/oidc.conf | 24 +++ nginx/vhosts/qmhh.conf | 30 +++ nginx/vhosts/registry.conf | 28 +++ nginx/vhosts/sky.conf | 21 +++ nginx/vhosts/software.conf | 34 ++++ nginx/vhosts/spacetime.conf | 47 +++++ nginx/vhosts/tele.conf | 88 +++++++++ nginx/vhosts/upstream.conf | 46 +++++ nginx/vhosts/waterway.conf | 88 +++++++++ nginx/vhosts/weptsp.conf | 47 +++++ nginx/vhosts/xxljob.conf | 24 +++ 23 files changed, 1475 insertions(+) create mode 100644 nginx/vhosts/airmonitor.conf create mode 100644 nginx/vhosts/airport.conf create mode 100644 nginx/vhosts/airportdev.conf create mode 100644 nginx/vhosts/alert.conf create mode 100644 nginx/vhosts/all.conf.back create mode 100644 nginx/vhosts/business.conf create mode 100644 nginx/vhosts/consul.conf create mode 100644 nginx/vhosts/dsp.conf create mode 100644 nginx/vhosts/freeway.conf create mode 100644 nginx/vhosts/gis360.conf create mode 100644 nginx/vhosts/hhz.conf create mode 100644 nginx/vhosts/oidc-web.conf create mode 100644 nginx/vhosts/oidc.conf create mode 100644 nginx/vhosts/qmhh.conf create mode 100644 nginx/vhosts/registry.conf create mode 100644 nginx/vhosts/sky.conf create mode 100644 nginx/vhosts/software.conf create mode 100644 nginx/vhosts/spacetime.conf create mode 100644 nginx/vhosts/tele.conf create mode 100644 nginx/vhosts/upstream.conf create mode 100644 nginx/vhosts/waterway.conf create mode 100644 nginx/vhosts/weptsp.conf create mode 100644 nginx/vhosts/xxljob.conf diff --git a/nginx/vhosts/airmonitor.conf b/nginx/vhosts/airmonitor.conf new file mode 100644 index 0000000..b350e49 --- /dev/null +++ b/nginx/vhosts/airmonitor.conf @@ -0,0 +1,41 @@ + server + { + listen 80; + listen 443 ssl; + server_name airmonitor.t-aaron.com; + root /data/tuoheng_airmonitor_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location / { + try_files $uri $uri/ @router; + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + + location /airmonitor { + proxy_pass http://gatewayService/airmonitor; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } + diff --git a/nginx/vhosts/airport.conf b/nginx/vhosts/airport.conf new file mode 100644 index 0000000..9d31346 --- /dev/null +++ b/nginx/vhosts/airport.conf @@ -0,0 +1,50 @@ + server + { + listen 80; + listen 7009; + listen 443 ssl; + server_name airport-prod-software.t-aaron.com airport.t-aaron.com; + root /data/tuoheng_airport_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /airport { + proxy_pass http://gatewayService/airport; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://tuoheng_airport/permission; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } diff --git a/nginx/vhosts/airportdev.conf b/nginx/vhosts/airportdev.conf new file mode 100644 index 0000000..0d46ca4 --- /dev/null +++ b/nginx/vhosts/airportdev.conf @@ -0,0 +1,51 @@ + server + { + listen 80; + listen 7009; + listen 443 ssl; + server_name airportdev.t-aaron.com; + #root /data/tuoheng_airport_web/dist; + root /data/tuoheng_airport_webdev/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /airport { + proxy_pass http://gatewayService/airportdev; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://gatewayService/airportdev/permission; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } diff --git a/nginx/vhosts/alert.conf b/nginx/vhosts/alert.conf new file mode 100644 index 0000000..62c0dad --- /dev/null +++ b/nginx/vhosts/alert.conf @@ -0,0 +1,47 @@ + server + { + listen 80; + listen 443 ssl; + server_name alert.t-aaron.com; + root /data/tuoheng_alert_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location / { + try_files $uri $uri/ @router; + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + location /permission { + proxy_pass http://tuoheng_alert_admin; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /alert { + proxy_pass http://gatewayService/alert; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } + diff --git a/nginx/vhosts/all.conf.back b/nginx/vhosts/all.conf.back new file mode 100644 index 0000000..70e4dfb --- /dev/null +++ b/nginx/vhosts/all.conf.back @@ -0,0 +1,346 @@ + upstream gatewayService { + server 127.0.0.1:7011; + } + + upstream tuoheng_airport { + server 127.0.0.1:9060; + } + + upstream tuoheng_business_admin{ + server 127.0.0.1:9260; + } + upstream tuoheng_hhz_admin { + server 127.0.0.1:9055; + } + upstream tuoheng_freeway_admin{ + server 127.0.0.1:9117; + } + upstream tuoheng_oidc{ + server 127.0.0.1:8090; + } + server { + listen 80; + listen 443 ssl; + server_name freeway-admin-prod-software.*; + root /data/tuoheng_freeway_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + #开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml application/octet-stream application/msword; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + charset UTF-8; + + proxy_send_timeout 150s; # 设置发送超时时间, + proxy_read_timeout 150s; # 设置读取超时时间。 + + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /freeway { + proxy_pass http://gatewayService/freeway; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://tuoheng_freeway_admin/permission; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + + } + server { + listen 80; + listen 443 ssl; + server_name hhz-prod-software.*; + root /data/tuoheng_hhz_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + #开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml application/octet-stream application/msword; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + charset UTF-8; + + proxy_send_timeout 150s; # 设置发送超时时间, + proxy_read_timeout 150s; # 设置读取超时时间。 + + location / { + try_files $uri $uri/ @router; + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + location /api { + proxy_pass http://hhz-admin:9055/api; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://tuoheng_hhz_admin; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + # location /wxapp { + # proxy_pass http://172.15.1.21:9056/api; + # proxy_set_header Host $host; + # proxy_set_header X-Real-IP $remote_addr; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # } + + location /hhz { + proxy_pass http://gatewayService/hhz; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + } + + + server { + listen 80; + server_name prometheus-prod-software.*; + + location / { +# proxy_pass http://prometheus:9090; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } + + server { + listen 80; + server_name grafana-prod-software.*; + + location / { +# proxy_pass http://grafana:3000; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } + + server { + listen 80; + server_name xxljob-prod-software.*; + + location / { + # proxy_pass http://xxljob:8080; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } + + + server { + listen 80; + server_name consul-prod-software.*; + + location / { + # proxy_pass http://consul:8500; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } + + server { + listen 80; + server_name emqx-prod-software.*; # 正则匹配所有 oidc 开头的子域名 + + location / { +# proxy_pass http://emqx:18083; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } + + server + { + listen 80; + listen 443 ssl; + server_name airport-prod-software.* airport.t-aaron.com; + root /data/tuoheng_airport_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /airport { + proxy_pass http://gatewayService/airport; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://tuoheng_airport/permission; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } + + + server + { + listen 80; + listen 443 ssl; + server_name business-prod-software.*; + root /data/tuoheng_business_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location / { + try_files $uri $uri/ @router; + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + location /permission { + proxy_pass http://tuoheng_business_admin; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /business-mini { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /business { + proxy_pass http://gatewayService/business; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + } + + #OIDC代理 + server { + listen 80; + listen 443 ssl; + server_name oidc-prod-software.* oidc.t-arron.com; # 正则匹配所有 oidc 开头的子域名 + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + location / { + proxy_pass http://tuoheng_oidc; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } + server { + listen 80; + server_name sky-prod-software.*; + + location / { + # proxy_pass http://sky-ui:8080; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } diff --git a/nginx/vhosts/business.conf b/nginx/vhosts/business.conf new file mode 100644 index 0000000..a096e55 --- /dev/null +++ b/nginx/vhosts/business.conf @@ -0,0 +1,53 @@ + server + { + listen 80; + listen 443 ssl; + server_name business.t-aaron.com; + root /data/tuoheng_business_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location / { + try_files $uri $uri/ @router; + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + location /permission { + proxy_pass http://tuoheng_business_admin; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /business-mini { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /business { + proxy_pass http://gatewayService/business; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } diff --git a/nginx/vhosts/consul.conf b/nginx/vhosts/consul.conf new file mode 100644 index 0000000..e31aefe --- /dev/null +++ b/nginx/vhosts/consul.conf @@ -0,0 +1,24 @@ + upstream consulService{ + server 127.0.0.1:8500; + } + + server { + listen 80; + listen 443 ssl; + server_name consul-prod-software.t-aaron.com; + + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + location / { + proxy_pass http://consulService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } diff --git a/nginx/vhosts/dsp.conf b/nginx/vhosts/dsp.conf new file mode 100644 index 0000000..679e2d1 --- /dev/null +++ b/nginx/vhosts/dsp.conf @@ -0,0 +1,171 @@ +server +{ + listen 80; + listen 443 ssl; + server_name dsp-admin.t-aaron.com; + root /data/dsp_admin_web/dist; + + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /api { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +} + + +server +{ + listen 80; + listen 443 ssl; + server_name dsp-portal.t-aaron.com; + root /data/dsp_portal_web/dist; + + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /api { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +} + + + +server +{ + listen 80; + listen 443 ssl; + server_name dsp-miniprogram.t-aaron.com; + + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /api { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +} + + +server +{ + listen 80; + listen 443 ssl; + server_name dsp-inspection.t-aaron.com; + + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /api { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +} + diff --git a/nginx/vhosts/freeway.conf b/nginx/vhosts/freeway.conf new file mode 100644 index 0000000..c7cafbb --- /dev/null +++ b/nginx/vhosts/freeway.conf @@ -0,0 +1,86 @@ + server { + listen 80; + listen 443 ssl; + server_name freeway.t-aaron.com; + root /data/tuoheng_freeway_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + #开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml application/octet-stream application/msword; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + charset UTF-8; + + proxy_send_timeout 150s; # 设置发送超时时间, + proxy_read_timeout 150s; # 设置读取超时时间。 + + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /freeway { + proxy_pass http://gatewayService/freeway; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://tuoheng_freeway_admin/permission; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + + } + + + server + { + listen 80; + listen 443 ssl; + server_name freeway-miniprogram.t-aaron.com; + root /data/tuoheng_freeway_web; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /freeway { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } diff --git a/nginx/vhosts/gis360.conf b/nginx/vhosts/gis360.conf new file mode 100644 index 0000000..550415e --- /dev/null +++ b/nginx/vhosts/gis360.conf @@ -0,0 +1,24 @@ +server +{ + listen 48899; + server_name gis360.t-aaron.com; + root /data/gis360/web/dist; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + +} diff --git a/nginx/vhosts/hhz.conf b/nginx/vhosts/hhz.conf new file mode 100644 index 0000000..87313f4 --- /dev/null +++ b/nginx/vhosts/hhz.conf @@ -0,0 +1,65 @@ + server + { + listen 80; + listen 443 ssl; + server_name hhz.t-aaron.com hhztest.t-aaron.com; + root /data/tuoheng_hhz_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + #开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml application/octet-stream application/msword; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + charset UTF-8; + + proxy_send_timeout 150s; # 设置发送超时时间, + proxy_read_timeout 150s; # 设置读取超时时间。 + + location / { + try_files $uri $uri/ @router; + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + #location /api { + # proxy_pass http://127.0.0.1:9055/api; + # proxy_set_header Host $host; + # proxy_set_header X-Real-IP $remote_addr; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + #} + + location /permission { + proxy_pass http://tuoheng_hhz_admin; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /wxapp { + proxy_pass http://tuoheng_hhz_api/api; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /hhz { + proxy_pass http://gatewayService/hhz; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } diff --git a/nginx/vhosts/oidc-web.conf b/nginx/vhosts/oidc-web.conf new file mode 100644 index 0000000..fd824a5 --- /dev/null +++ b/nginx/vhosts/oidc-web.conf @@ -0,0 +1,40 @@ +server +{ + listen 80; + listen 443 ssl; + server_name oidc-web.t-aaron.com; + root /data/tuoheng_oidc_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /oidc { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +} diff --git a/nginx/vhosts/oidc.conf b/nginx/vhosts/oidc.conf new file mode 100644 index 0000000..c5bfc9a --- /dev/null +++ b/nginx/vhosts/oidc.conf @@ -0,0 +1,24 @@ + server { + listen 80; + listen 9988; + listen 443 ssl; + + server_name oidc.t-aaron.com; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + + location / { + proxy_pass http://127.0.0.1:8595; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } diff --git a/nginx/vhosts/qmhh.conf b/nginx/vhosts/qmhh.conf new file mode 100644 index 0000000..13385dd --- /dev/null +++ b/nginx/vhosts/qmhh.conf @@ -0,0 +1,30 @@ +server +{ + listen 80; + listen 443 ssl; + server_name qmhh.t-aaron.com; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /api { + proxy_pass http://tuoheng_qmhh_api/api; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + +} diff --git a/nginx/vhosts/registry.conf b/nginx/vhosts/registry.conf new file mode 100644 index 0000000..4b34d47 --- /dev/null +++ b/nginx/vhosts/registry.conf @@ -0,0 +1,28 @@ + server + { + listen 80; + listen 443 ssl; + server_name registry.t-aaron.com; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + client_max_body_size 10G; # Increase this to an appropriate value + + location / { + proxy_pass http://localhost:5252; # Docker Registry 后端地址 + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Authorization ""; # 防止传递认证信息 + proxy_read_timeout 900s; # 需要较长时间来推送大型镜像 + proxy_redirect off; # 禁用重定向 + } + + } + diff --git a/nginx/vhosts/sky.conf b/nginx/vhosts/sky.conf new file mode 100644 index 0000000..9ef2f74 --- /dev/null +++ b/nginx/vhosts/sky.conf @@ -0,0 +1,21 @@ + server { + listen 80; + listen 443 ssl; + server_name sky-prod-software.t-aaron.com; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + location / { + proxy_pass http://127.0.0.1:8093; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + } diff --git a/nginx/vhosts/software.conf b/nginx/vhosts/software.conf new file mode 100644 index 0000000..5374774 --- /dev/null +++ b/nginx/vhosts/software.conf @@ -0,0 +1,34 @@ +server +{ +# 用来转发airpot的websocket + listen 8080; + listen 2443 ssl; + server_name software.t-aaron.com; + + client_max_body_size 500M; + + +# add_header 'Access-Control-Allow-Origin' *; +# add_header 'Access-Control-Allow-Credentials' 'true'; +# add_header 'Access-Control-Allow-Methods' *; +# add_header 'Access-Control-Allow-Headers' *; + + # SSL证书配置 + ssl_certificate cert/t-aaron.com.pem; + ssl_certificate_key cert/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + + + location / { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass http://127.0.0.1:8090; + } + +} diff --git a/nginx/vhosts/spacetime.conf b/nginx/vhosts/spacetime.conf new file mode 100644 index 0000000..236b322 --- /dev/null +++ b/nginx/vhosts/spacetime.conf @@ -0,0 +1,47 @@ + server + { + listen 80; + listen 443 ssl; + server_name spacetime.t-aaron.com; + root /data/tuoheng_spacetime_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location / { + try_files $uri $uri/ @router; + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + location /permission { + proxy_pass http://tuoheng_spacetime_admin; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /spacetime { + proxy_pass http://gatewayService/spacetime; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } + diff --git a/nginx/vhosts/tele.conf b/nginx/vhosts/tele.conf new file mode 100644 index 0000000..400d690 --- /dev/null +++ b/nginx/vhosts/tele.conf @@ -0,0 +1,88 @@ +server +{ + listen 80; + listen 443 ssl; + server_name telecomumale.t-aaron.com; + root /data/tuoheng_telecomumale_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /telecomumale { + proxy_pass http://gatewayService/telecomumale; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://tuoheng_telecomumale_admin/permission; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} +server +{ + listen 80; + listen 443 ssl; + server_name telecomumale-miniprogram.t-aaron.com; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /telecomumale { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} diff --git a/nginx/vhosts/upstream.conf b/nginx/vhosts/upstream.conf new file mode 100644 index 0000000..c39f446 --- /dev/null +++ b/nginx/vhosts/upstream.conf @@ -0,0 +1,46 @@ + upstream gatewayService { + server 172.16.1.42:7011; + } + upstream tuoheng_oidc{ + server 172.16.1.42:8090; + } + upstream tuoheng_airport { + server 172.16.1.42:9060; + } + upstream tuoheng_business_admin { + server 172.16.1.42:9260; + } + upstream tuoheng_hhz_admin { + server 172.16.1.42:9055; + } + upstream tuoheng_freeway_admin { + server 172.16.1.42:9117; + } + upstream tuoheng_hhz_api { + server 172.16.1.42:9056; + } + upstream tuoheng_telecomumale_admin { + server 172.16.1.42:9150; + } + upstream tuoheng_qmhh_api { + server 172.16.1.42:9061; + } + + upstream tuoheng_airmonitor_admin { + server 172.16.1.41:9130; + } + + upstream tuoheng_weptsp_admin { + server 172.16.1.41:9140; + } + + upstream tuoheng_alert_admin { + server 172.16.1.41:9160; + } + upstream tuoheng_waterway_admin { + server 172.16.1.41:9120; + } + upstream tuoheng_spacetime_admin { + server 172.16.1.41:9170; + } + diff --git a/nginx/vhosts/waterway.conf b/nginx/vhosts/waterway.conf new file mode 100644 index 0000000..6541db9 --- /dev/null +++ b/nginx/vhosts/waterway.conf @@ -0,0 +1,88 @@ +server +{ + listen 80; + listen 443 ssl; + server_name waterway.t-aaron.com; + root /data/tuoheng_waterway_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /waterway { + proxy_pass http://gatewayService/waterway; + proxy_set_header Host $host; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /permission { + proxy_pass http://tuoheng_waterway_admin/permission; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} +server +{ + listen 80; + listen 443 ssl; + server_name waterway-miniprogram.t-aaron.com; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location /{ + try_files $uri $uri/ @router; + index index.html; + } + + location @router{ + rewrite ^.*$ /index.html last; + } + + location /waterway { + proxy_pass http://gatewayService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } +} diff --git a/nginx/vhosts/weptsp.conf b/nginx/vhosts/weptsp.conf new file mode 100644 index 0000000..88b4445 --- /dev/null +++ b/nginx/vhosts/weptsp.conf @@ -0,0 +1,47 @@ + server + { + listen 80; + listen 443 ssl; + server_name weptsp.t-aaron.com; + root /data/tuoheng_weptsp_web/dist; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + + # 开启gzip功能 + gzip on; + gzip_min_length 10k; + gzip_comp_level 9; + gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml; + gzip_vary on; + gzip_disable "MSIE [1-6]\."; + + location / { + try_files $uri $uri/ @router; + index index.html; + } + + location @router { + rewrite ^.*$ /index.html last; + } + + location /permission { + proxy_pass http://tuoheng_weptsp_admin; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location /weptsp { + proxy_pass http://gatewayService/weptsp; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } + diff --git a/nginx/vhosts/xxljob.conf b/nginx/vhosts/xxljob.conf new file mode 100644 index 0000000..916f60c --- /dev/null +++ b/nginx/vhosts/xxljob.conf @@ -0,0 +1,24 @@ + upstream xxljobService{ + server 127.0.0.1:8181; + } + + server { + listen 80; + listen 443 ssl; + server_name xxljob-prod-software.t-aaron.com; + + # SSL证书配置 + ssl_certificate /etc/nginx/t-aaron.com.pem; + ssl_certificate_key /etc/nginx/t-aaron.com.key; + ssl_session_timeout 5m; + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; + ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + location / { + proxy_pass http://xxljobService; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + }