datawhale/whale-town-end
3
4
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3bf1b6f4746af7296d234f6bb8e234a09785e07b
whale-town-end/nginx.conf
moyin 3bf1b6f474 config:添加nginx WebSocket代理配置文件 
- nginx.conf: 当前生产环境的nginx配置
- nginx_complete_fix.conf: 完整的WebSocket支持配置模板

包含WebSocket升级映射、HTTP重定向、SSL配置等完整方案
支持ws://到wss://的协议升级和重定向处理
2026-01-05 11:17:16 +08:00

61 lines
2.4 KiB
Nginx Configuration File
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
server {
listen 443 ssl;
server_name whaletownend.xinghangee.icu;
ssl_certificate /home/ubuntu/node_test/keys/whaletownend.xinghangee.icu_bundle.crt;
ssl_certificate_key /home/ubuntu/node_test/keys/whaletownend.xinghangee.icu.key;
client_max_body_size 500M;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
add_header X-Content-Type-Options "nosniff" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
location /socket.io/ {
proxy_pass http://127.0.0.1:3000/socket.io/;
# 基础反向代理头
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Socket.IO/WebSocket 核心配置
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# 关键Socket.IO 需要长超时 + 关闭缓冲
proxy_connect_timeout 75s;
proxy_send_timeout 3600s;
proxy_read_timeout 3600s;
proxy_buffering off;
proxy_cache off; # 关闭缓存,避免 Socket.IO 消息延迟
}
location / {
proxy_pass http://127.0.0.1:3000;
# 必须加的 header
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# 避免第一次请求断开
proxy_http_version 1.1;
proxy_set_header Connection "";
# 调大超时,避免初始化时被踢掉
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
# 建议关闭缓冲,防止页面流式加载时被截断
proxy_buffering off;
}
}
Reference in New Issue View Git Blame Copy Permalink