peanut/happy-life-star
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c80c7b6bbe9f9e246bed82cc4c2ecaa6f78d87b3
happy-life-star/conf/emotion-museum.conf
T
peanut 492c09feeb fix: Nginx 配置添加 Swagger/Knife4j API 文档代理 
在 emotion-museum.conf 中新增 /swagger-ui、/v3/api-docs、/doc.html、/webjars
代理规则,防止前端 try_files 拦截导致 API 文档页面无法访问。

修复后文档地址:
- Swagger UI: https://lifescript.happylifeos.com/api/swagger-ui/index.html
- Knife4j: https://lifescript.happylifeos.com/api/doc.html

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-20 22:08:35 +08:00

200 lines
6.1 KiB
Plaintext
Raw Blame History

# Emotion Museum HTTPS Nginx 配置
# 配置路径:/www/server/panel/vhost/nginx/emotion-museum.conf
# 域名:lifescript.happylifeos.com
# HTTP 服务器 - 强制跳转 HTTPS
server {
listen 80;
server_name lifescript.happylifeos.com;
# 强制跳转 HTTPS
return 301 https://$server_name$request_uri;
}
# HTTPS 服务器
server {
listen 443 ssl;
server_name lifescript.happylifeos.com;
# SSL 证书配置
ssl_certificate /etc/letsencrypt/live/lifescript.happylifeos.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/lifescript.happylifeos.com/privkey.pem;
# SSL 优化配置
ssl_protocols TLSv1.2 TLSv1.3;
# WeChat mini program/Cronet compatibility: keep TLS 1.2 enabled with broad modern suites.
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_prefer_server_ciphers off;
ssl_ecdh_curve prime256v1:secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
ssl_session_tickets off;
# HSTS (可选,生产环境建议开启)
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
# ACME 挑战目录 - 用于 SSL 证书申请和续期
location ^~ /.well-known/acme-challenge/ {
root /data/www/acme-challenge;
allow all;
try_files $uri =404;
}
# 根路径 - 用户前端应用
location = / {
return 404;
}
location / {
alias /data/www/emotion-museum/;
autoindex off;
# 处理 Vue Router 的 history 模式
try_files $uri $uri/ /index.html;
# HTML 文件不缓存
location ~ \.html?$ {
add_header Cache-Control "no-cache, no-store, must-revalidate";
add_header Pragma "no-cache";
add_header Expires "0";
}
# 静态资源缓存 1 年
location ~ \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
add_header Cache-Control "public, max-age=31536000, immutable";
expires 1y;
try_files $uri =404;
}
}
# 管理后台应用路径
location /emotion-museum-admin/ {
alias /data/www/emotion-museum-admin/;
autoindex off;
# 处理 Vue Router 的 history 模式
try_files $uri $uri/ /emotion-museum-admin/index.html;
# HTML 文件不缓存
location ~ \.html?$ {
add_header Cache-Control "no-cache, no-store, must-revalidate";
add_header Pragma "no-cache";
add_header Expires "0";
}
# 静态资源缓存 1 年
location ~ \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
add_header Cache-Control "public, max-age=31536000, immutable";
expires 1y;
}
}
location = /emotion-museum-admin {
rewrite ^(.*)$ $1/ permanent;
}
# Life-Script 应用路径
location /life-script/ {
alias /data/www/life-script/;
autoindex off;
# 处理 React Router 的 history 模式
try_files $uri $uri/ /life-script/index.html;
# HTML 文件不缓存
location ~ \.html?$ {
add_header Cache-Control "no-cache, no-store, must-revalidate";
add_header Pragma "no-cache";
add_header Expires "0";
}
# 静态资源缓存 1 年
location ~ \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
add_header Cache-Control "public, max-age=31536000, immutable";
expires 1y;
}
}
location = /life-script {
rewrite ^ /life-script/ last;
}
# 后端 API 代理
location /api {
proxy_pass http://127.0.0.1:19089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
# Swagger UI / Knife4j API 文档代理(防止被前端 try_files 拦截)
location /swagger-ui {
proxy_pass http://127.0.0.1:19089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /v3/api-docs {
proxy_pass http://127.0.0.1:19089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /doc.html {
proxy_pass http://127.0.0.1:19089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /webjars {
proxy_pass http://127.0.0.1:19089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# WebSocket 代理
location /ws {
proxy_pass http://127.0.0.1:19089;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 7d;
proxy_send_timeout 7d;
proxy_read_timeout 7d;
}
# 健康检查端点
location /health {
access_log off;
return 200 "healthy\n";
add_header Content-Type text/plain;
}
# 隐藏文件访问控制
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# 日志配置
access_log /www/wwwlogs/ssl-access.log;
error_log /www/wwwlogs/ssl-error.log;
}
Reference in New Issue View Git Blame Copy Permalink