nginx 完整配置

2026-05-03 18:59:27 +00:00
commit e64aff5ada
26 changed files with 357 additions and 0 deletions
@@ -0,0 +1,51 @@
+server {
+    server_name erp.140103.xyz;
+location /assets {
+    alias /home/administrator/frappe-bench/sites/assets;
+    try_files $uri $uri/ =404;
+    expires 1y;
+    client_max_body_size 100M;
+    add_header Cache-Control "public";
+}
+
+    location / {
+        proxy_pass http://127.0.0.1:8000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+proxy_set_header Expert "";
+        proxy_cache_bypass $http_upgrade;
+proxy_ignore_client_abort on;
+
+    }
+
+location /socket.io {
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_pass http://127.0.0.1:9000;
+}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/erp.140103.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/erp.140103.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = erp.140103.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    listen 80;
+    server_name erp.140103.xyz;
+    return 404; # managed by Certbot
+
+
+}
@@ -0,0 +1,32 @@
+server {
+    server_name nextcloud.140103.xyz;
+    client_max_body_size 16G;
+    location / {
+        proxy_pass http://127.0.0.1:12000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/nextcloud.140103.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/nextcloud.140103.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+
+server {
+    if ($host = nextcloud.140103.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    listen 80;
+    server_name nextcloud.140103.xyz;
+    client_max_body_size 16G;    
+    return 404; # managed by Certbot
+
+
+}
@@ -0,0 +1,38 @@
+server {
+    server_name wiki.yaobai.org;
+
+    location / {
+        # 既然 IP:3000 能通，这里直接用 127.0.0.1 是最稳的
+        proxy_pass http://127.0.0.1:3000; 
+        
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+        
+        # 必须传递这些信息，否则 Wiki.js 会因为安全策略拒绝 HTTPS 访问
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    listen 443 ssl; # managed by Certbot
+    # 下面是 Certbot 自动生成的证书路径，请保留不要删除
+    ssl_certificate /etc/letsencrypt/live/wiki.yaobai.org/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/wiki.yaobai.org/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+}
+
+server {
+    if ($host = wiki.yaobai.org) {
+        return 301 https://$host$request_uri;
+    }
+    listen 80;
+    server_name wiki.yaobai.org;
+    return 404;
+
+
+}