# 指定数据流后端服务地址
upstream mailtemp {
    ip_hash;
    server 127.0.0.1:9000;
}

# 
map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

server  {
    listen 80;
   #listen [::]:80;
    server_name mailtemp.top www.mailtemp.top;
    root  /home/wwwroot/mailtemp.top;

    # 转发到 http://127.0.0.0:9000
    location / {
        proxy_http_version 1.1;
        proxy_ssl_certificate  /usr/local/nginx/conf/ssl/mailtemp.top/fullchain.cer;
        proxy_ssl_certificate_key /usr/local/nginx/conf/ssl/mailtemp.top/mailtemp.top.key;

        # 让转发可带入 ReqToken 等数据,很重要,因为后端用 Go ,前端用 html5 的 WebSocket 请求,
        # 没带入 token 会产生 'upgrade' token not found in 'Connection' header 错误
        add_header Access-Control-Allow-Origin *;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

        # 让 nginx 支持前端 JS 发出的 ws 和 wss 请求
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_read_timeout 86400;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_pass_header Set-Cookie;

        proxy_pass http://mailtemp;
    }

    # 批定 js|css|png 等静态文件路径,不然无法载入
    # 之前很多时候用 rewrite 方式,最佳方案是用 alias
    location ^/public/.*\.(js|css|png)$ {
        alias /usr/local/share/inbucket/ui/static/;
        add_header Cache-Control "public";
    }
    access_log  /home/wwwlogs/mailtemp.top.log;

}

发表评论