server { listen 443 ssl; server_name example.com; ssl_certificate /data/vp/nginx/ssl/cert.pem; ssl_certificate_key /data/vp/nginx/ssl/key.pem; # 配置SSL参数 ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384; # 配置SSL会话缓存 ssl_session_cache shared:SSL:10m; ssl_session_timeout 30m; # 配置SSL安全性选项 ssl_stapling on; ssl_stapling_verify on; resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 5s; client_max_body_size 20M; # 设置客户端请求的最大上传大小为 20MB,可以根据实际情况修改 location / { root /usr/share/nginx/html/dist; index index.html index.htm; } location /rasa/ { root /usr/share/nginx/html/; index rasa.html rasa.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html/dist; } # 前台后端服务 location /virtual-patient/ { proxy_pass http://web_servers/virtual-patient/; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # 前台文件服务代理到后管 location /virtual-patient/fileManage/ { proxy_pass http://manage_servers/virtual-patient-manage/fileManage/; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # websocket 代理服务 location /virtual-patient-websocket/ { proxy_pass http://web_servers/virtual-patient/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # 后管后端服务 location /virtual-patient-manage/ { proxy_pass http://manage_servers/virtual-patient-manage/; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }