server {
listen 80;
server_name bi.sandieji.tech www.bi.tosofts.com;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 443 ssl;
#server_name bi.sandieji.tech www.bi.sandieji.tech;
root /opt/apps/webs/bi.sandieji.tech;
ssl_certificate ssl/bi.sandieji.tech_bundle.crt;
ssl_certificate_key ssl/bi.sandieji.tech.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
client_max_body_size 10m;
location ~* /.bat {
deny all;
}
location /bi/api/v3/board/ {
#add_header 'Access-Control-Allow-Origin' 'http://localhost:9528' always;
#add_header 'Access-Control-Allow-Credentials' true;
#add_header 'Access-Control-Allow-Headers' *;
#add_header 'Access-Control-Allow-Methods' *;
#add_header 'Access-Control-Expose-Headers' *;
proxy_pass http://localhost:9095/;
proxy_set_header Host $host;
proxy_set_header XfromAppId $http_XfromAppId;
proxy_set_header XownerId $http_XownerId;
proxy_set_header XsysId $http_XsysId;
proxy_set_header XuserId $http_XuserId;
proxy_set_header XverifyApi $http_XverifyApi;
proxy_set_header Authorization $http_Authorization;
proxy_set_header XfilterAreaCode $http_XfilterAreaCode;
proxy_set_header XuserFromFirstShareId $http_XuserFromFirstShareId;
proxy_set_header XuserFromSecondShareId $http_XuserFromSecondShareId;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /file/download/ {
#add_header 'Access-Control-Allow-Origin' 'http://localhost:9528' always;
#add_header 'Access-Control-Allow-Credentials' true;
#add_header 'Access-Control-Allow-Headers' *;
#add_header 'Access-Control-Allow-Methods' *;
#add_header 'Access-Control-Expose-Headers' *;
proxy_pass http://localhost:9095/file/download/;
proxy_set_header Host $host;
proxy_set_header XfromAppId $http_XfromAppId;
proxy_set_header XownerId $http_XownerId;
proxy_set_header XsysId $http_XsysId;
proxy_set_header XuserId $http_XuserId;
proxy_set_header XverifyApi $http_XverifyApi;
proxy_set_header Authorization $http_Authorization;
proxy_set_header XfilterAreaCode $http_XfilterAreaCode;
proxy_set_header XuserFromFirstShareId $http_XuserFromFirstShareId;
proxy_set_header XuserFromSecondShareId $http_XuserFromSecondShareId;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location @router {
rewrite ^.*$ /index.html last;
}
}
跨域配置
#add_header 'Access-Control-Allow-Origin' 'http://localhost:9528' always;
#add_header 'Access-Control-Allow-Credentials' true;
#add_header 'Access-Control-Allow-Headers' *;
#add_header 'Access-Control-Allow-Methods' *;
#add_header 'Access-Control-Expose-Headers' *;
文档更新时间: 2023-08-22 23:20 作者:admin