From 5894a4a94bd415e6219a5852b05f127fd03e3aba Mon Sep 17 00:00:00 2001
From: 13693261870 <252740454@qq.com>
Date: 星期一, 14 七月 2025 16:47:15 +0800
Subject: [PATCH] 支持https协议

---
 docker/nginx/conf/nginx.conf |   60 +++++++++++++++++++++++++++++++++++++++++++++++++++++-------
 1 files changed, 53 insertions(+), 7 deletions(-)

diff --git a/docker/nginx/conf/nginx.conf b/docker/nginx/conf/nginx.conf
index efc5ae4..1aef55f 100644
--- a/docker/nginx/conf/nginx.conf
+++ b/docker/nginx/conf/nginx.conf
@@ -12,7 +12,7 @@
 
     server {
         listen        80;
-        server_name   localhost;
+        server_name   local80;
 
         location / {
             root      /usr/share/nginx/html;
@@ -44,14 +44,60 @@
             proxy_pass http://gateway:8001/system;
         }
 
-        # actuator
-        if ($request_uri ~ "/actuator") {
-            return 403;
-        }
-
         error_page   500 502 503 504  /50x.html;
+
         location = /50x.html {
             root   html;
         }
     }
-}
\ No newline at end of file
+
+    server {
+        listen        443 ssl;
+        listen        [::]:443 ssl;
+        server_name   local443;
+
+        ssl_certificate     /etc/nginx/conf.d/ssl/ssl2035.crt;
+        ssl_certificate_key /etc/nginx/conf.d/ssl/ssl2035.key;
+        ssl_session_cache   shared:SSL:50m;
+        ssl_session_timeout 7d;
+        ssl_ciphers         HIGH:!aNULL:!MD5;
+        ssl_protocols       TLSv1.2 TLSv1.3;
+        ssl_prefer_server_ciphers on;
+
+        location / {
+            root      /usr/share/nginx/html;
+            try_files $uri $uri/ /index.html /sso/index.html;
+            index     index.html index.htm;
+        }
+        
+        location /sso {
+            alias     /usr/share/nginx/html/sso;
+            try_files $uri $uri/ /sso/;
+            #index  index.html index.htm;
+        }
+        
+        location /api/ {
+            proxy_set_header Host $http_host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header REMOTE-HOST $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            
+            proxy_pass http://gateway:8001/;
+        }
+
+        location /system {
+            proxy_set_header Host $http_host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header REMOTE-HOST $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+            proxy_pass http://gateway:8001/system;
+        }
+
+        error_page   500 502 503 504  /50x.html;
+
+        location = /50x.html {
+            root   html;
+        }
+    }
+}

--
Gitblit v1.9.3