vf/vf_react
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
db33b4ce02525547ee32f3e307249f7e23033e62
vf_react/nginx-114.66.54.70.conf
zzlgreat 2fd235891d 更新app.py
2026-01-28 08:47:43 +08:00

237 lines
8.4 KiB
Plaintext
Raw Blame History

# ============================================================================
# 114.66.54.70 Nginx 配置 (服务器2)
#
# 部署步骤:
# 1. 上传配置: scp nginx-114.66.54.70.conf root@114.66.54.70:/tmp/
# 2. 复制配置: sudo cp /tmp/nginx-114.66.54.70.conf /etc/nginx/sites-available/api.conf
# 3. 启用配置: sudo ln -s /etc/nginx/sites-available/api.conf /etc/nginx/sites-enabled/
# 4. 从服务器1复制SSL证书:
# scp -r root@110.42.32.207:/etc/nginx/ssl /etc/nginx/
# 5. 测试重载: sudo nginx -t && sudo systemctl reload nginx
# ============================================================================
# WebSocket 连接升级映射
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# ============================================================================
# HTTP (端口 80) - 重定向到 HTTPS
# ============================================================================
server {
listen 80;
server_name api.valuefrontier.cn 114.66.54.70;
location /.well-known/acme-challenge/ {
root /var/www/html;
}
location / {
return 301 https://$host$request_uri;
}
}
# ============================================================================
# HTTPS (端口 443) - API 服务
# ============================================================================
server {
listen 443 ssl http2;
server_name api.valuefrontier.cn 114.66.54.70;
# SSL 证书 (从服务器1复制)
ssl_certificate /etc/nginx/ssl/api.valuefrontier.cn/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/api.valuefrontier.cn/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
client_max_body_size 20M;
set $cors_origin 'https://valuefrontier.cn';
# ============================================
# Flask API 代理
# ============================================
location /api/ {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept, Authorization, X-Requested-With, Cookie' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Max-Age' 86400;
add_header 'Content-Length' 0;
return 204;
}
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Methods;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Expose-Headers;
proxy_pass http://127.0.0.1:5001;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection "";
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
proxy_connect_timeout 60s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
}
# ============================================
# WebSocket - Socket.IO
# ============================================
location /socket.io/ {
proxy_pass http://127.0.0.1:5001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
proxy_buffering off;
}
# ============================================
# 实时行情 WebSocket (代理到其他服务器)
# ============================================
location /ws/sse {
proxy_pass http://101.43.133.214:8765;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
proxy_buffering off;
}
location /ws/szse {
proxy_pass http://222.128.1.157:8765;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
proxy_buffering off;
}
# ============================================
# 数据服务 API 代理 (222.128.1.157)
# ============================================
location /concept-api/ {
proxy_pass http://222.128.1.157:16801/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
}
location /es-api/ {
proxy_pass http://222.128.1.157:19200/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
}
location /news-api/ {
proxy_pass http://222.128.1.157:21891/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
}
location /report-api/ {
proxy_pass http://222.128.1.157:8811/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
}
location /category-api/ {
proxy_pass http://222.128.1.157:18827/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
}
# ============================================
# 健康检查
# ============================================
location /health {
return 200 'ok';
add_header Content-Type text/plain;
}
# ============================================
# 微信域名验证
# ============================================
location = /MP_verify_17Fo4JhapMw6vtNa.txt {
return 200 '17Fo4JhapMw6vtNa';
add_header Content-Type text/plain;
}
location = /gvQnxIQ5Rs.txt {
return 200 'd526e9e857dbd2621e5100811972e8c5';
add_header Content-Type text/plain;
}
# ============================================
# 默认返回 404
# ============================================
location / {
return 404 '{"error": "Not Found"}';
add_header Content-Type application/json;
}
}
Reference in New Issue View Git Blame Copy Permalink