-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathnginx.template
145 lines (104 loc) · 4.42 KB
/
nginx.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
root "/etc/nginx/conf.d";
location /api/ {
proxy_ssl_server_name on;
proxy_ssl_name api.zsxq.com;
proxy_ssl_verify off;
proxy_pass https://api.zsxq.com/;
proxy_set_header Host api.zsxq.com;
proxy_set_header Accept-Encoding '';
proxy_set_header Cookie 'zsxq_access_token=${YOUR_ACCESS_TOKEN}; abtest_env=product';
proxy_http_version 1.1;
sub_filter_once off;
sub_filter_types *;
sub_filter 'https:\/\/files.zsxq.com' 'http:\/\/${YOUR_IP_OR_DOMAIN}\/files';
sub_filter '"enable_watermark":true' '"enable_watermark":false';
}
location /files/ {
proxy_ssl_server_name on;
proxy_ssl_name files.zsxq.com;
proxy_ssl_verify off;
proxy_pass https://files.zsxq.com/;
proxy_set_header Host files.zsxq.com;
proxy_set_header referer 'https://wx.zsxq.com';
proxy_set_header Cookie 'zsxq_access_token=${YOUR_ACCESS_TOKEN}; abtest_env=product';
}
location / {
auth_basic "zsxq";
auth_basic_user_file /etc/nginx/htpasswd.txt;
if ($uri = '/'){
return 301 http://${YOUR_IP_OR_DOMAIN}/dweb2/index/group/init;
}
proxy_ssl_server_name on;
proxy_pass https://wx.zsxq.com;
proxy_set_header Host wx.zsxq.com;
proxy_set_header Accept-Encoding '';
proxy_set_header Cookie 'zsxq_access_token=${YOUR_ACCESS_TOKEN}; abtest_env=product';
proxy_http_version 1.1;
sub_filter_once off;
sub_filter_types *;
sub_filter '</head>' '<meta name="referrer" content="no-referrer"></head>';
sub_filter 'https://wx.zsxq.com' 'http://${YOUR_IP_OR_DOMAIN}';
sub_filter 'https://api.zsxq.com' 'http://${YOUR_IP_OR_DOMAIN}/api';
sub_filter 'wx.zsxq.com' '${YOUR_IP_OR_DOMAIN}';
sub_filter 'api.zsxq.com' '${YOUR_IP_OR_DOMAIN}/api';
proxy_set_header referer 'https://wx.zsxq.com';
}
location ~ /dweb2/index/group/ {
auth_basic "zsxq";
auth_basic_user_file /etc/nginx/htpasswd.txt;
proxy_ssl_server_name on;
proxy_pass https://wx.zsxq.com;
proxy_set_header Host wx.zsxq.com;
proxy_set_header Accept-Encoding '';
proxy_set_header Cookie 'zsxq_access_token=${YOUR_ACCESS_TOKEN}; abtest_env=product';
proxy_http_version 1.1;
sub_filter_once off;
sub_filter_types *;
sub_filter '</head>' '<meta name="referrer" content="no-referrer"></head>';
sub_filter 'https://wx.zsxq.com' 'http://${YOUR_IP_OR_DOMAIN}';
sub_filter 'https://api.zsxq.com' 'http://${YOUR_IP_OR_DOMAIN}/api';
sub_filter 'wx.zsxq.com' '${YOUR_IP_OR_DOMAIN}';
sub_filter 'api.zsxq.com' '${YOUR_IP_OR_DOMAIN}/api';
proxy_set_header referer 'https://wx.zsxq.com';
}
location ~ .*\.(css|js)(.*) {
proxy_ssl_server_name on;
proxy_pass https://wx.zsxq.com;
proxy_set_header Host wx.zsxq.com;
proxy_set_header Accept-Encoding '';
sub_filter_once off;
sub_filter_types *;
sub_filter '.http.handleExceptionCode' '';
sub_filter 'https://wx.zsxq.com' 'http://${YOUR_IP_OR_DOMAIN}';
sub_filter 'https://api.zsxq.com' 'http://${YOUR_IP_OR_DOMAIN}/api';
sub_filter 'wx.zsxq.com' '${YOUR_IP_OR_DOMAIN}';
sub_filter 'api.zsxq.com' '${YOUR_IP_OR_DOMAIN}/api';
proxy_set_header referer 'https://wx.zsxq.com';
expires 3d;
}
location ~ (likes|favorites|footprint|group_data|access_tokens|comments) {
return 404;
}
}
}