347 lines
10 KiB
Plaintext
347 lines
10 KiB
Plaintext
upstream gatewayService {
|
|
server 127.0.0.1:7011;
|
|
}
|
|
|
|
upstream tuoheng_airport {
|
|
server 127.0.0.1:9060;
|
|
}
|
|
|
|
upstream tuoheng_business_admin{
|
|
server 127.0.0.1:9260;
|
|
}
|
|
upstream tuoheng_hhz_admin {
|
|
server 127.0.0.1:9055;
|
|
}
|
|
upstream tuoheng_freeway_admin{
|
|
server 127.0.0.1:9117;
|
|
}
|
|
upstream tuoheng_oidc{
|
|
server 127.0.0.1:8090;
|
|
}
|
|
server {
|
|
listen 80;
|
|
listen 443 ssl;
|
|
server_name freeway-admin-prod-software.*;
|
|
root /data/tuoheng_freeway_web/dist;
|
|
|
|
# SSL证书配置
|
|
ssl_certificate /etc/nginx/t-aaron.com.pem;
|
|
ssl_certificate_key /etc/nginx/t-aaron.com.key;
|
|
ssl_session_timeout 5m;
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
|
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
#开启gzip功能
|
|
gzip on;
|
|
gzip_min_length 10k;
|
|
gzip_comp_level 9;
|
|
gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml application/octet-stream application/msword;
|
|
gzip_vary on;
|
|
gzip_disable "MSIE [1-6]\.";
|
|
|
|
charset UTF-8;
|
|
|
|
proxy_send_timeout 150s; # 设置发送超时时间,
|
|
proxy_read_timeout 150s; # 设置读取超时时间。
|
|
|
|
|
|
location /{
|
|
try_files $uri $uri/ @router;
|
|
index index.html;
|
|
}
|
|
|
|
location @router{
|
|
rewrite ^.*$ /index.html last;
|
|
}
|
|
|
|
location /freeway {
|
|
proxy_pass http://gatewayService/freeway;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
location /permission {
|
|
proxy_pass http://tuoheng_freeway_admin/permission;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
|
|
}
|
|
server {
|
|
listen 80;
|
|
listen 443 ssl;
|
|
server_name hhz-prod-software.*;
|
|
root /data/tuoheng_hhz_web/dist;
|
|
|
|
# SSL证书配置
|
|
ssl_certificate /etc/nginx/t-aaron.com.pem;
|
|
ssl_certificate_key /etc/nginx/t-aaron.com.key;
|
|
ssl_session_timeout 5m;
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
|
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
#开启gzip功能
|
|
gzip on;
|
|
gzip_min_length 10k;
|
|
gzip_comp_level 9;
|
|
gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml application/octet-stream application/msword;
|
|
gzip_vary on;
|
|
gzip_disable "MSIE [1-6]\.";
|
|
|
|
charset UTF-8;
|
|
|
|
proxy_send_timeout 150s; # 设置发送超时时间,
|
|
proxy_read_timeout 150s; # 设置读取超时时间。
|
|
|
|
location / {
|
|
try_files $uri $uri/ @router;
|
|
index index.html;
|
|
}
|
|
|
|
location @router {
|
|
rewrite ^.*$ /index.html last;
|
|
}
|
|
|
|
location /api {
|
|
proxy_pass http://hhz-admin:9055/api;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
location /permission {
|
|
proxy_pass http://tuoheng_hhz_admin;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
# location /wxapp {
|
|
# proxy_pass http://172.15.1.21:9056/api;
|
|
# proxy_set_header Host $host;
|
|
# proxy_set_header X-Real-IP $remote_addr;
|
|
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# }
|
|
|
|
location /hhz {
|
|
proxy_pass http://gatewayService/hhz;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name prometheus-prod-software.*;
|
|
|
|
location / {
|
|
# proxy_pass http://prometheus:9090;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name grafana-prod-software.*;
|
|
|
|
location / {
|
|
# proxy_pass http://grafana:3000;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name xxljob-prod-software.*;
|
|
|
|
location / {
|
|
# proxy_pass http://xxljob:8080;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name consul-prod-software.*;
|
|
|
|
location / {
|
|
# proxy_pass http://consul:8500;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name emqx-prod-software.*; # 正则匹配所有 oidc 开头的子域名
|
|
|
|
location / {
|
|
# proxy_pass http://emqx:18083;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
|
|
server
|
|
{
|
|
listen 80;
|
|
listen 443 ssl;
|
|
server_name airport-prod-software.* airport.t-aaron.com;
|
|
root /data/tuoheng_airport_web/dist;
|
|
|
|
# SSL证书配置
|
|
ssl_certificate /etc/nginx/t-aaron.com.pem;
|
|
ssl_certificate_key /etc/nginx/t-aaron.com.key;
|
|
ssl_session_timeout 5m;
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
|
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
# 开启gzip功能
|
|
gzip on;
|
|
gzip_min_length 10k;
|
|
gzip_comp_level 9;
|
|
gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml;
|
|
gzip_vary on;
|
|
gzip_disable "MSIE [1-6]\.";
|
|
|
|
location /{
|
|
try_files $uri $uri/ @router;
|
|
index index.html;
|
|
}
|
|
|
|
location @router{
|
|
rewrite ^.*$ /index.html last;
|
|
}
|
|
|
|
location /airport {
|
|
proxy_pass http://gatewayService/airport;
|
|
proxy_set_header Host $host;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
location /permission {
|
|
proxy_pass http://tuoheng_airport/permission;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
}
|
|
|
|
|
|
server
|
|
{
|
|
listen 80;
|
|
listen 443 ssl;
|
|
server_name business-prod-software.*;
|
|
root /data/tuoheng_business_web/dist;
|
|
|
|
# SSL证书配置
|
|
ssl_certificate /etc/nginx/t-aaron.com.pem;
|
|
ssl_certificate_key /etc/nginx/t-aaron.com.key;
|
|
ssl_session_timeout 5m;
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
|
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
# 开启gzip功能
|
|
gzip on;
|
|
gzip_min_length 10k;
|
|
gzip_comp_level 9;
|
|
gzip_types text/plain text/css application/javascript application/x-javascript text/javascript application/xml;
|
|
gzip_vary on;
|
|
gzip_disable "MSIE [1-6]\.";
|
|
|
|
location / {
|
|
try_files $uri $uri/ @router;
|
|
index index.html;
|
|
}
|
|
|
|
location @router {
|
|
rewrite ^.*$ /index.html last;
|
|
}
|
|
|
|
location /permission {
|
|
proxy_pass http://tuoheng_business_admin;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
location /business-mini {
|
|
proxy_pass http://gatewayService;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
location /business {
|
|
proxy_pass http://gatewayService/business;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
}
|
|
|
|
#OIDC代理
|
|
server {
|
|
listen 80;
|
|
listen 443 ssl;
|
|
server_name oidc-prod-software.* oidc.t-arron.com; # 正则匹配所有 oidc 开头的子域名
|
|
|
|
# SSL证书配置
|
|
ssl_certificate /etc/nginx/t-aaron.com.pem;
|
|
ssl_certificate_key /etc/nginx/t-aaron.com.key;
|
|
ssl_session_timeout 5m;
|
|
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
|
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
location / {
|
|
proxy_pass http://tuoheng_oidc;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|
|
server {
|
|
listen 80;
|
|
server_name sky-prod-software.*;
|
|
|
|
location / {
|
|
# proxy_pass http://sky-ui:8080;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
}
|