端口转发+SSL证书部署

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
server {
    listen       80;
    server_name  blog.blog4xiang.world shiny.blog4xiang.world book.blog4xiang.world; #请求域名
    return      301 https://$host$request_uri; #重定向至https访问。
}

# blog
server {
	listen 443 ssl ;
              ssl_certificate /etc/nginx/sites-available/1_blog.blog4xiang.world_bundle.crt;  # 腾讯云给出的证书(名字要改成自己的)
              ssl_certificate_key /etc/nginx/sites-available/2_blog.blog4xiang.world.key;   # 腾讯云给出的私钥(名字要改成自己的)
              ssl_session_timeout 5m;
              ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
              ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; 
              ssl_prefer_server_ciphers on;
	root /home/hexo/blog;
	index index.html index.htm index.nginx-debian.html;
	server_name _;
	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
	}
}

# shiny-server
server {
    server_name shiny.blog4xiang.world;
    listen 443 ssl;

    ssl_certificate /etc/nginx/sites-available/1_shiny.blog4xiang.world_bundle.crt;  # 腾讯云给出的证书(名字要改成自己的)
    ssl_certificate_key /etc/nginx/sites-available/2_shiny.blog4xiang.world.key;   # 腾讯云给出的私钥(名字要改成自己的)
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; 
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://localhost:3838;
        proxy_redirect http://localhost:3838/ $scheme://$host/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
    }
}

# book-down
server {
    server_name book.blog4xiang.world; 

    listen 443 ssl ;
    ssl_certificate /etc/nginx/sites-available/1_book.blog4xiang.world_bundle.crt;  # 腾讯云给出的证书(名字要改成自己的)
    ssl_certificate_key /etc/nginx/sites-available/2_book.blog4xiang.world.key;   # 腾讯云给出的私钥(名字要改成自己的)
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; 
    ssl_prefer_server_ciphers on;
    
    root /srv/bookdown/book4xiang; 

    index index.html; 
    location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|js|pdf|txt){
      root /srv/bookdown/book4xiang;
    } 
}

💌lixiang117423@foxmail.com
💌lixiang117423@gmail.com

生物信息学
#生物信息学 #Shiny #Ubuntu #Bookdown #SSL #Nginx端口转发
端口转发+SSL证书部署
https://lixiang117423.github.io/article/ssldkzf/
作者
小蓝哥
发布于
2021年11月26日
许可协议