whm/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: API 反代保留 /api 路径修复 404;admin 容器 location /;宿主机 Nginx 反代到 8443 说明

Browse Source 
Made-with: Cursor
This commit is contained in:
whm
2026-03-17 22:49:48 +08:00
parent 6044786380
commit 483560bcfc
4 changed files with 18 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
nginx/yuheng.yuxindazhineng.com.conf
View File

@@ -1,6 +1,7 @@
# yh_web 反向代理:强制 HTTPSSSL 证书按域名存放在独立目录
# yh_web 宿主机 Nginx仅在做「宿主机 443 → compose 内 Nginx」时使用
# 证书路径:/etc/ssl/yh_web/yuheng.yuxindazhineng.com/
# 部署:复制到 /etc/nginx/conf.d/ 或 include nginx.conf 后 nginx -t && systemctl reload nginx
# 使用本配置时compose nginx 须改为映射 8443:443避免与宿主机 443 冲突),本文件反代到 127.0.0.1:8443
# 部署:复制到 /etc/nginx/conf.d/ 后 nginx -t && systemctl reload nginx
# HTTP → HTTPS 强制跳转
server {
@@ -10,44 +11,21 @@ server {
return 301 https://$server_name$request_uri;
}
# HTTPS
# HTTPS:整站反代到 compose 内 Nginx宿主机 443 → 127.0.0.1:8443
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name yuheng.yuxindazhineng.com;
# 证书按域名命名存放
ssl_certificate /etc/ssl/yh_web/yuheng.yuxindazhineng.com/fullchain.pem;
ssl_certificate_key /etc/ssl/yh_web/yuheng.yuxindazhineng.com/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
# 前台
location / {
proxy_pass http://127.0.0.1:9528;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# 管理后台
location /admin/ {
proxy_pass http://127.0.0.1:9529/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# API宿主机端口 8088
location /api/ {
proxy_pass http://127.0.0.1:8088/;
proxy_pass http://127.0.0.1:8443;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;