我当前的设置时这样的,抄了很多教程,但是不懂原理感觉抄也是白抄,不管用。
server { listen 86; server_name box.example.com file.example.com files.example.com pan.example.com; if ($scheme = http){ return 301 https://$server_name:88$request_uri; } } map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 88 ssl http2; server_name box.example.com; error_page 497 301 =307 https://$host:$server_port$request_uri; ssl_certificate /etc/letsencrypt/live/box.example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/box.example.com/privkey.pem; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; location / { proxy_pass http://localhost:8687; proxy_set_header HOST $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-NginX-Proxy true; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection ""; proxy_max_temp_file_size 0; proxy_read_timeout 500s; proxy_connect_timeout 600; proxy_send_timeout 240; } location /api/command/ { proxy_pass http://localhost:8687; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } 
Select Language