src/infra/nginx.www.cyberverse.cc.conf
2,224 bytes · 74 lines · capsule://quake0day/[email protected]
raw on github
# CyberVerse static frontend + API/WebSocket reverse proxy for www.cyberverse.cc
#
# HTTPS: this file MUST include a listen 443 block; otherwise https:// requests
# are handled by nginx's default SSL vhost ("Welcome to nginx!").
# Adjust ssl_certificate paths if you use Aliyun-uploaded certs (e.g. under /etc/nginx/ssl/).
#
# root: nginx runs as www-data and cannot read paths under /home/root-only dirs unless
# permissions allow. Prefer deploying dist to e.g. /var/www/cyberverse-cc (see operations doc).
server {
listen 80;
server_name www.cyberverse.cc cyberverse.cc;
root /var/www/cyberverse-cc;
index index.html;
client_max_body_size 100m;
location /api/ {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /ws/ {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_read_timeout 3600s;
}
location / {
try_files $uri $uri/ /index.html;
}
}
server {
listen 443 ssl http2;
server_name www.cyberverse.cc cyberverse.cc;
ssl_certificate /etc/letsencrypt/live/www.cyberverse.cc/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.cyberverse.cc/privkey.pem;
root /var/www/cyberverse-cc;
index index.html;
client_max_body_size 100m;
location /api/ {
proxy_pass http://127.0.0.1:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /ws/ {
proxy_pass http://127.0.0.1:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_read_timeout 3600s;
}
location / {
try_files $uri $uri/ /index.html;
}
}