vhost.conf(bi)

server {
     listen 80;
     server_name bi.sandieji.tech www.bi.tosofts.com;
     rewrite ^(.*)$   https://$host$1 permanent;
}
server {
     listen 443 ssl; 
     #server_name bi.sandieji.tech www.bi.sandieji.tech;
     root /opt/apps/webs/bi.sandieji.tech;

     ssl_certificate ssl/bi.sandieji.tech_bundle.crt;
     ssl_certificate_key ssl/bi.sandieji.tech.key;
     ssl_session_timeout 5m;
     ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;

     client_max_body_size    10m;

      location ~* /.bat {
            deny all;
      }

    location /bi/api/v3/board/ {

        #add_header 'Access-Control-Allow-Origin' 'http://localhost:9528' always;
        #add_header 'Access-Control-Allow-Credentials' true;
        #add_header 'Access-Control-Allow-Headers' *;
        #add_header 'Access-Control-Allow-Methods' *;
        #add_header 'Access-Control-Expose-Headers' *; 

                proxy_pass http://localhost:9095/;
                proxy_set_header Host $host;
                proxy_set_header XfromAppId $http_XfromAppId;
                proxy_set_header XownerId $http_XownerId;
                proxy_set_header XsysId $http_XsysId;
                proxy_set_header XuserId $http_XuserId;
                proxy_set_header XverifyApi $http_XverifyApi;
                proxy_set_header Authorization $http_Authorization;
                proxy_set_header XfilterAreaCode $http_XfilterAreaCode;
                proxy_set_header XuserFromFirstShareId $http_XuserFromFirstShareId;
                proxy_set_header XuserFromSecondShareId $http_XuserFromSecondShareId;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   }
   location /file/download/ {          
        #add_header 'Access-Control-Allow-Origin' 'http://localhost:9528' always;
        #add_header 'Access-Control-Allow-Credentials' true;
        #add_header 'Access-Control-Allow-Headers' *;
        #add_header 'Access-Control-Allow-Methods' *;
        #add_header 'Access-Control-Expose-Headers' *;

                proxy_pass http://localhost:9095/file/download/;
                proxy_set_header Host $host;
                proxy_set_header XfromAppId $http_XfromAppId;
                proxy_set_header XownerId $http_XownerId;
                proxy_set_header XsysId $http_XsysId;
                proxy_set_header XuserId $http_XuserId;
                proxy_set_header XverifyApi $http_XverifyApi;
                proxy_set_header Authorization $http_Authorization;
                proxy_set_header XfilterAreaCode $http_XfilterAreaCode;
                proxy_set_header XuserFromFirstShareId $http_XuserFromFirstShareId;
                proxy_set_header XuserFromSecondShareId $http_XuserFromSecondShareId;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    location @router {
            rewrite ^.*$ /index.html last;
    }
 }

跨域配置

 #add_header 'Access-Control-Allow-Origin' 'http://localhost:9528' always;
        #add_header 'Access-Control-Allow-Credentials' true;
        #add_header 'Access-Control-Allow-Headers' *;
        #add_header 'Access-Control-Allow-Methods' *;
        #add_header 'Access-Control-Expose-Headers' *;