vf/vf_react
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update pay ui

Browse Source
This commit is contained in:
zzlgreat
2025-12-14 10:01:48 +08:00
parent 426ec44027
commit b2ef7963fd
10 changed files with 536 additions and 541 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
nginx-110.42.32.207.conf
View File

@@ -59,6 +59,9 @@ server {
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
# 文件上传大小限制(客服图片上传需要)
client_max_body_size 20M;
# ============================================
# CORS 配置<EFBC88>?CDN 域名访问<E8AEBF>?
# ============================================
@@ -488,6 +491,17 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 隐藏后端返回的 CORS 头(避免重复)
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
# 统一添加 CORS 头
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always;
proxy_cache_valid 200 1d;
expires 1d;
add_header Cache-Control "public, max-age=86400";
@@ -501,10 +515,20 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 隐藏后端返回的 CORS 头(避免重复)
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
# CORS 头(解决 ERR_BLOCKED_BY_ORB
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always;
proxy_cache_valid 200 1d;
expires 1d;
add_header Cache-Control "public, max-age=86400";
add_header Access-Control-Allow-Origin $cors_origin;
}
location /visitor/ {
@@ -535,7 +559,8 @@ server {
}
location = /stomp {
proxy_pass http://43.143.189.195/api/websocket;
# 代理到 bytedesk 的 /websocket 端点
proxy_pass http://43.143.189.195/websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
@@ -560,7 +585,8 @@ server {
}
location /stomp/ {
proxy_pass http://43.143.189.195/api/websocket/;
# 代理到 bytedesk 的 /websocket 端点
proxy_pass http://43.143.189.195/websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
@@ -586,8 +612,22 @@ server {
location ^~ /avatars/ {
proxy_pass http://43.143.189.195/uploads/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 隐藏后端返回的 CORS 头(避免重复)
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
# CORS 头(解决 ERR_BLOCKED_BY_ORB
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept' always;
proxy_cache_valid 200 1d;
proxy_cache_bypass $http_cache_control;

BIN
public/avatars/agent.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

BIN
public/images/features/features.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 335 KiB

BIN
public/images/features/image-1.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 259 KiB

BIN
public/images/features/image-2.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 246 KiB

BIN
public/images/features/image-3.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 272 KiB

BIN
public/images/header/background.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 1.2 MiB

BIN
public/images/help/help.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 438 KiB

7
src/routes/index.js
View File

@@ -7,9 +7,6 @@ import { Routes, Route, Navigate } from 'react-router-dom';
// 路由配置
import { getMainLayoutRoutes, getStandaloneRoutes } from './routeConfig';
// Landing 页面(重定向到静态 landing.html
import Landing from '@views/Landing';
// 布局组件
import MainLayout from '@layouts/MainLayout';
@@ -54,8 +51,8 @@ export function AppRoutes() {
{/* 独立路由 - 无布局(如登录页)*/}
{standaloneRoutes.map(renderRoute)}
{/* 默认路由 - 显示 Landing 页面(跳转到静态 landing.html */}
<Route path="/" element={<Landing />} />
{/* 默认路由 - 重定向到首页 */}
<Route path="/" element={<Navigate to="/home" replace />} />
{/* 404 页面 - 捕获所有未匹配的路由 */}
<Route path="*" element={<Navigate to="/home" replace />} />

620
valuefrontier.conf
View File

@@ -1,132 +1,118 @@
# /etc/nginx/sites-available/valuefrontier
# 完整配置 - Next.js只处理特定页面其他全部导向React应用
# ============================================================================
# 110.42.32.207 Nginx 配置
# API 服务<E69C8D>?- 处理所有后<E69C89>?API 和代理请<E79086>?
#
# 部署步骤<E6ADA5>?
# 1. 上传到服务器: scp nginx-110.42.32.207.conf ubuntu@110.42.32.207:/tmp/
# 2. 复制配置: sudo cp /tmp/nginx-110.42.32.207.conf /etc/nginx/sites-available/api.conf
# 3. 启用配置: sudo ln -s /etc/nginx/sites-available/api.conf /etc/nginx/sites-enabled/
# 4. 申请证书: sudo certbot --nginx -d api.valuefrontier.cn (或使用其他方<E4BB96>?
# 5. 测试重载: sudo nginx -t && sudo systemctl reload nginx
# ============================================================================
# WebSocket 连接升级映射
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# ============================================
# Flask 后端负载均衡(支持多进程)
# ============================================
upstream flask_backend {
# 后端服务器110.42.32.207 运行 gunicorn
server 110.42.32.207:5001;
# 如果需要本地也运行一个实例做负载均衡,取消下面注释
# server 127.0.0.1:5001;
# 保持连接(提升性能)
keepalive 32;
}
# HTTP (端口 80) 服务器块: 负责将所有HTTP请求重定向到HTTPS
# ============================================================================
# HTTP (端口 80) - 重定向到 HTTPS
# ============================================================================
server {
listen 80;
server_name valuefrontier.cn www.valuefrontier.cn;
server_name api.valuefrontier.cn 110.42.32.207;
# 这一段是为了让Certbot自动续期时能正常工作
# Let's Encrypt 验证
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location ~ \.txt$ {
root /var/www/valuefrontier.cn;
add_header Content-Type "text/plain";
}
location / {
# 301永久重定向到安全的HTTPS版本
return 301 https://$host$request_uri;
}
}
# HTTPS (端口 443) 服务器块: 处理所有加密流量和实际的应用逻辑
# ============================================================================
# HTTPS (端口 443) - API 服务
# ============================================================================
server {
listen 443 ssl http2;
server_name valuefrontier.cn www.valuefrontier.cn;
server_name api.valuefrontier.cn 110.42.32.207;
# --- SSL 证书配置 ---
ssl_certificate /etc/letsencrypt/live/valuefrontier.cn/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/valuefrontier.cn/privkey.pem;
# SSL 证书配置
# 方式1: 使用 IP 证书(需要购买)
# 方式2: 使用自签名证书CDN 回源可以配置<E9858D>?HTTP<54>?
# 方式3: 如果有域名指向这台服务器,用 Let's Encrypt
#
# 临时使用自签名证书生产环境建议使用正式证书<E8AF81>?
# sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
# -keyout /etc/nginx/ssl/server.key \
# -out /etc/nginx/ssl/server.crt \
# -subj "/CN=110.42.32.207"
ssl_certificate /etc/nginx/ssl/api.valuefrontier.cn/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/api.valuefrontier.cn/privkey.pem;
# SSL 优化
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
# ============================================
# SEO 文件配置robots.txt + sitemap.xml
# 优先级最高,放在最前面
# CORS 配置<EFBC88>?CDN 域名访问<E8AEBF>?
# ============================================
set $cors_origin 'https://valuefrontier.cn';
# robots.txt - 精确匹配(优先级最高)
location = /robots.txt {
root /var/www/valuefrontier;
add_header Content-Type "text/plain; charset=utf-8";
add_header Cache-Control "public, max-age=3600"; # 缓存 1 小时
access_log off; # 减少日志记录
}
# sitemap.xml - 精确匹配
location = /sitemap.xml {
root /var/www/valuefrontier;
add_header Content-Type "application/xml; charset=utf-8";
add_header Cache-Control "public, max-age=3600"; # 缓存 1 小时
access_log off;
}
# --- 为React应用提供静态资源 ---
location /static/ {
alias /var/www/valuefrontier.cn/static/;
expires 1y;
add_header Cache-Control "public, immutable";
add_header Access-Control-Allow-Origin *;
}
location ~ \.txt$ {
root /var/www/valuefrontier.cn;
add_header Content-Type "text/plain";
}
location /manifest.json {
alias /var/www/valuefrontier.cn/manifest.json;
add_header Content-Type "application/json";
}
location /favicon.ico {
alias /var/www/valuefrontier.cn/favicon.ico;
}
# --- Next.js 专用静态资源 (已废弃,保留以防需要回滚) ---
# location /_next/ {
# proxy_pass http://127.0.0.1:3000;
# proxy_http_version 1.1;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# expires 1y;
# add_header Cache-Control "public, immutable";
# 如果需要限制来源,取消下面注释
# set $cors_origin '';
# if ($http_origin ~* "^https://(www\.)?valuefrontier\.cn$") {
# set $cors_origin $http_origin;
# }
# --- 后端API反向代理使用 upstream 支持负载均衡)---
# ============================================
# Flask API 代理<EFBC88>?gunicorn<72>?
# ============================================
location /api/ {
proxy_pass http://flask_backend;
# 处理 OPTIONS 预检请求
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept, Authorization, X-Requested-With, Cookie' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400;
add_header 'Content-Length' 0;
return 204;
}
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Expose-Headers;
proxy_pass http://127.0.0.1:5001;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection ""; # 启用 keepalive
proxy_set_header Connection "";
# 超时配置(微信回调等需要足够时间)
# 统一添加 CORS <20>?
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
# 超时配置
proxy_connect_timeout 60s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
# 错误处理
proxy_next_upstream error timeout http_502 http_503 http_504;
proxy_next_upstream_tries 3;
}
# WebSocket (Socket.IO) 代理
# ============================================
# WebSocket - Socket.IO (Flask)
# ============================================
location /socket.io/ {
proxy_pass http://flask_backend;
proxy_pass http://127.0.0.1:5001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
@@ -134,6 +120,7 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
@@ -141,12 +128,12 @@ server {
}
# ============================================
# 实时行情 WebSocket 代理(灵活屏功能)
# 实时行情 WebSocket
# ============================================
# 上交所实时行情 WebSocket
# 上交所行情(本地服务)
location /ws/sse {
proxy_pass http://127.0.0.1:8765; # 本机行情服务
proxy_pass http://127.0.0.1:8765;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
@@ -154,13 +141,14 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
proxy_buffering off;
}
# 深交所实时行情 WebSocket
# 深交所行情
location /ws/szse {
proxy_pass http://222.128.1.157:8765;
proxy_http_version 1.1;
@@ -170,12 +158,16 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
proxy_buffering off;
}
# ============================================
# MCP 服务(本地)
# ============================================
location /mcp/ {
proxy_pass http://127.0.0.1:8900/;
proxy_http_version 1.1;
@@ -195,8 +187,7 @@ server {
gzip off;
add_header X-Accel-Buffering no;
add_header 'Access-Control-Allow-Origin' '$http_origin' always;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
@@ -206,24 +197,66 @@ server {
}
}
# 概念板块API代理
# ============================================
# 数据服务 API 代理 (222.128.1.157)
# ============================================
# 概念板块 API
location /concept-api/ {
# 处理 OPTIONS 预检请求
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400;
add_header 'Content-Length' 0;
return 204;
}
# 隐藏后端返回<E8BF94>?CORS 头避免重复<E9878D>?
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Expose-Headers;
proxy_pass http://222.128.1.157:16801/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Access-Control-Allow-Origin *;
proxy_set_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
proxy_set_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range";
# 统一添加 CORS <20>?
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
# Elasticsearch API代理(价值论坛)
# Elasticsearch API
location /es-api/ {
# 处理 OPTIONS 预检请求
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400;
add_header 'Content-Length' 0;
return 204;
}
# 隐藏后端返回<E8BF94>?CORS 头避免重复<E9878D>?
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Expose-Headers;
proxy_pass http://222.128.1.157:19200/;
proxy_http_version 1.1;
proxy_set_header Host $host;
@@ -231,27 +264,133 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# CORS 配置
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
# 统一添加 CORS <EFBFBD>?
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
# 处理 OPTIONS 预检请求
if ($request_method = 'OPTIONS') {
return 204;
}
# 超时设置
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
# 禁用缓冲以支持流式响应
proxy_buffering off;
}
# 拜特桌面API代理 (bytedesk)
# 新闻搜索 API
location /news-api/ {
# 处理 OPTIONS 预检请求
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400;
add_header 'Content-Length' 0;
return 204;
}
# 隐藏后端返回<E8BF94>?CORS 头避免重复<E9878D>?
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Expose-Headers;
proxy_pass http://222.128.1.157:21891/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 统一添加 CORS <20>?
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
proxy_connect_timeout 90s;
proxy_send_timeout 90s;
proxy_read_timeout 90s;
}
# 研报搜索 API
location /report-api/ {
# 处理 OPTIONS 预检请求
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400;
add_header 'Content-Length' 0;
return 204;
}
# 隐藏后端返回<E8BF94>?CORS 头避免重复<E9878D>?
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Expose-Headers;
proxy_pass http://222.128.1.157:8811/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 统一添加 CORS <20>?
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
}
# 商品分类 API
location /category-api/ {
# 处理 OPTIONS 预检请求
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400;
add_header 'Content-Length' 0;
return 204;
}
# 隐藏后端返回<E8BF94>?CORS 头避免重复<E9878D>?
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Expose-Headers;
proxy_pass http://222.128.1.157:18827/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 统一添加 CORS <20>?
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
proxy_buffering on;
proxy_buffer_size 128k;
proxy_buffers 8 256k;
proxy_busy_buffers_size 512k;
}
# ============================================
# Bytedesk 客服系统代理 (43.143.189.195)
# ============================================
location /bytedesk/ {
proxy_pass http://43.143.189.195/;
proxy_http_version 1.1;
@@ -261,19 +400,21 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
if ($request_method = 'OPTIONS') {
return 204;
}
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
}
# 2. WebSocket代理必需
location /websocket {
proxy_pass http://43.143.189.195/websocket;
proxy_http_version 1.1;
@@ -283,12 +424,12 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 86400s;
proxy_send_timeout 86400s;
proxy_read_timeout 86400s;
}
# iframe 内部资源代理Bytedesk 聊天窗口的 CSS/JS
location /chat/ {
proxy_pass http://43.143.189.195/chat/;
proxy_http_version 1.1;
@@ -299,29 +440,25 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# ✨ 自动替换响应内容中的 IP 地址为域名(解决 Mixed Content
sub_filter 'http://43.143.189.195' 'https://valuefrontier.cn';
sub_filter_once off; # 替换所有匹配项
# 替换响应内容中的 IP 地址
sub_filter 'http://43.143.189.195' 'https://www.valuefrontier.cn';
sub_filter_once off;
sub_filter_types text/css text/javascript application/javascript application/json;
# CORS 头部
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers'
'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
if ($request_method = 'OPTIONS') {
return 204;
}
# 超时设置
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
}
# Bytedesk 配置接口代理
location /config/ {
proxy_pass http://43.143.189.195/config/;
proxy_http_version 1.1;
@@ -330,23 +467,19 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# CORS 头部
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers'
'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
if ($request_method = 'OPTIONS') {
return 204;
}
# 超时设置
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
}
# Bytedesk 上传文件代理
location ^~ /uploads/ {
proxy_pass http://43.143.189.195/uploads/;
proxy_http_version 1.1;
@@ -355,30 +488,25 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 缓存配置
proxy_cache_valid 200 1d;
expires 1d;
add_header Cache-Control "public, max-age=86400";
}
# Bytedesk 文件访问代理(仅 2025 年文件)
location ^~ /file/2025/ {
proxy_pass http://43.143.189.195/file/2025/;
location ^~ /file/ {
proxy_pass http://43.143.189.195/file/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 缓存配置
proxy_cache_valid 200 1d;
expires 1d;
add_header Cache-Control "public, max-age=86400";
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Origin $cors_origin;
}
# Visitor API 代理Bytedesk 初始化接口)
location /visitor/ {
proxy_pass http://43.143.189.195/visitor/;
proxy_http_version 1.1;
@@ -386,21 +514,21 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# ✨ 禁用压缩(让 sub_filter 能处理 JSON
proxy_set_header Accept-Encoding "";
# 替换 JSON 响应中的 IP 地址为域名
sub_filter 'http://43.143.189.195' 'https://valuefrontier.cn';
# 替换 JSON 响应中的 IP 地址
sub_filter 'http://43.143.189.195' 'https://www.valuefrontier.cn';
sub_filter_once off;
sub_filter_types application/json;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
if ($request_method = 'OPTIONS') {
return 204;
}
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
@@ -415,13 +543,16 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
if ($request_method = 'OPTIONS') {
return 204;
}
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
@@ -438,7 +569,7 @@ server {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
@@ -453,209 +584,36 @@ server {
proxy_buffering off;
}
# 6. 头像和静态资源解决404问题
location ^~ /avatars/ {
proxy_pass http://43.143.189.195/uploads/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# 缓存静态资源
proxy_cache_valid 200 1d;
proxy_cache_bypass $http_cache_control;
}
# 7. Bytedesk所有其他资源
location /assets/ {
proxy_pass http://43.143.189.195/assets/;
proxy_set_header Host $host;
expires 1d;
add_header Cache-Control "public, immutable";
}
# 新闻搜索API代理
location /news-api/ {
proxy_pass http://222.128.1.157:21891/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Access-Control-Allow-Origin *;
proxy_set_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
proxy_set_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range";
proxy_connect_timeout 90s;
proxy_send_timeout 90s;
proxy_read_timeout 90s;
# ============================================
# 健康检<E5BAB7>?
# ============================================
location /health {
return 200 'ok';
add_header Content-Type text/plain;
}
# 研报搜索API代理
location /report-api/ {
proxy_pass http://222.128.1.157:8811/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Access-Control-Allow-Origin *;
proxy_set_header Access-Control-Allow-Methods "GET, POST, OPTIONS";
proxy_set_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range";
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
}
# 商品分类树数据API代理数据浏览器
location /category-api/ {
proxy_pass http://222.128.1.157:18827/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# CORS 配置
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
# 处理 OPTIONS 预检请求
if ($request_method = 'OPTIONS') {
return 204;
}
# 超时设置(数据量大,需要较长超时时间)
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
# 缓冲配置(支持大响应体)
proxy_buffering on;
proxy_buffer_size 128k;
proxy_buffers 8 256k;
proxy_busy_buffers_size 512k;
}
# --- 新的静态官网静态资源(优先级最高) ---
# 使用 ^~ 前缀确保优先匹配,不被后面的规则覆盖
location ^~ /css/ {
root /var/www/valuefrontier;
expires 1y;
add_header Cache-Control "public, immutable";
}
location ^~ /js/ {
root /var/www/valuefrontier;
expires 1y;
add_header Cache-Control "public, immutable";
}
location ^~ /img/ {
root /var/www/valuefrontier;
expires 1y;
add_header Cache-Control "public, immutable";
}
location ^~ /videos/ {
root /var/www/valuefrontier;
expires 1y;
add_header Cache-Control "public, immutable";
}
location ^~ /fonts/ {
root /var/www/valuefrontier;
expires 1y;
add_header Cache-Control "public, immutable";
}
# 官网HTML页面
location ~ ^/(conversational-ai|customizable-workflows|integration|docs|sign-in|sign-up|reset-password)\.html$ {
root /var/www/valuefrontier;
try_files $uri =404;
}
# 官网首页 - 静态HTML
location = / {
root /var/www/valuefrontier;
try_files /index.html =404;
}
# --- React 应用 (默认 catch-all) ---
# 所有其他路径都导向React应用
# 包括: /home, /community, /concepts, /limit-analyse, /stocks 等
# ============================================
# 默认返回 404
# ============================================
location / {
root /var/www/valuefrontier.cn;
index index.html index.htm;
# 所有SPA路由都返回index.html让React处理
try_files $uri $uri/ /index.html;
# 为静态资源添加缓存头
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
add_header Access-Control-Allow-Origin *;
return 404 '{"error": "Not Found"}';
add_header Content-Type application/json;
}
}
}
# ==========================================================
# api.valuefrontier.cn - 服务器配置块 (START)
# ==========================================================
server {
if ($host = api.valuefrontier.cn) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name api.valuefrontier.cn; # <--- 明确指定域名
# 这一段是为了让Certbot自动续期时能正常工作
location /.well-known/acme-challenge/ {
root /var/www/html;
}
# 将所有到 api 域名的 HTTP 请求重定向到 HTTPS
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
server_name api.valuefrontier.cn; # <--- 明确指定域名
# --- SSL 证书配置 ---
# Certbot 会自动填充这里,但我们可以先写上占位符
ssl_certificate /etc/letsencrypt/live/api.valuefrontier.cn/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/api.valuefrontier.cn/privkey.pem; # managed by Certbot
# (推荐) 包含通用的SSL安全配置
# include /etc/letsencrypt/options-ssl-nginx.conf;
# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# --- API 反向代理 ---
location / {
# 假设你的API后端运行在本地的8080端口
# 请修改为你API服务的真实地址和端口
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# ==========================================================
# api.valuefrontier.cn - 服务器配置块 (END)
# ==========================================================