| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 |
- # 数据库
- server {
- listen 3306;
- location / {
- client_max_body_size 50M;
- proxy_pass http://adminer:8080/;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- add_header 'Access-Control-Allow-Origin' '*' always;
- add_header 'Access-Control-Allow-Methods' '*' always;
- add_header 'Access-Control-Allow-Headers' '*' always;
- add_header 'Access-Control-Expose-Headers' '*' always;
- add_header 'Access-Control-Allow-Credentials' 'true' always;
- add_header X-Frame-Options "ALLOWALL";
- add_header Content-Security-Policy "frame-ancestors *";
- }
- }
- # 缓存
- server {
- listen 6379;
- location / {
- proxy_pass http://redisinsight:5540/;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- add_header 'Access-Control-Allow-Origin' '*' always;
- add_header 'Access-Control-Allow-Methods' '*' always;
- add_header 'Access-Control-Allow-Headers' '*' always;
- add_header 'Access-Control-Expose-Headers' '*' always;
- add_header 'Access-Control-Allow-Credentials' 'true' always;
- add_header X-Frame-Options "ALLOWALL";
- add_header Content-Security-Policy "frame-ancestors *";
- }
- }
- # 应急指挥
- server {
- listen 8080;
- # 视频监控
- location /zlmediakit/ {
- proxy_pass http://zlmediakit:80/;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_buffering off;
- proxy_request_buffering off;
- proxy_read_timeout 300s;
- proxy_send_timeout 300s;
- add_header 'Access-Control-Allow-Origin' '*' always;
- add_header 'Access-Control-Allow-Methods' '*' always;
- add_header 'Access-Control-Allow-Headers' '*' always;
- }
- # 数据中台后端 API
- location /prod-api/ {
- proxy_pass http://aegis-admin:8080/;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- }
- # 智能体 GitCC API(前端同源 /gitcc-api 反代,避免浏览器 CORS)
- location /gitcc-api/ {
- proxy_pass http://api.gitcc.com/;
- proxy_set_header Host api.gitcc.com;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_read_timeout 120s;
- proxy_send_timeout 120s;
- }
- # 文件访问路径 - 后端处理静态资源
- # 注意:这个配置必须在 location / 之前,因为 nginx 按最长匹配原则
- # 使用精确匹配,确保 /profile/ 路径完整传递到后端
- location /profile/ {
- proxy_pass http://aegis-admin:8080/profile/;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
-
- # 文件下载相关头
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Forwarded-Port $server_port;
-
- # 文件传输相关配置
- proxy_buffering off;
- proxy_request_buffering off;
- }
- # 前端静态资源缓存(JS、CSS、字体等)
- location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
- proxy_pass http://aegis-ui;
- proxy_set_header Host $host;
- expires 1y;
- add_header Cache-Control "public, immutable";
- }
- # 前端路由 - 所有其他请求都代理到前端
- location / {
- proxy_pass http://aegis-ui;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- }
- }
|
