conf/ts.conf

server {
#     https://serverfault.com/questions/798734/use-variable-for-server-name-in-nginx#
#     server_name $servername;
    server_name "ts.moicen.com";
    listen 443 ssl;
    listen 80;
    client_max_body_size 10M;

    # disable in local test env
     ssl_certificate /etc/letsencrypt/live/ts.moicen.com/fullchain.pem; # managed by Certbot
     ssl_certificate_key /etc/letsencrypt/live/ts.moicen.com/privkey.pem; # managed by Certbot

    set $task_server "http://127.0.0.1:8080"; # task server host
    set $htyuc "http://127.0.0.1:3000"; #htyuc host
    set $resty_loc "/usr/local/openresty";

    location / {
        try_files $uri $uri/ /index.html;
        proxy_set_header  Host "ts.moicen.com";
        proxy_set_header  X-Real-IP $remote_addr;
        # disable in local test env
#         proxy_set_header  X-Forwarded-Proto https;
        proxy_set_header  X-Forwarded-For $remote_addr;
        proxy_set_header  X-Forwarded-Host $remote_addr;
    }

#     root $resty_loc/nginx/html/admin;
#     index index.html;

    location /api/v1/ts/ {

        if ($http_origin !~ [a-z]+\.moicen\.com$) {
            return 403;
        }
        add_header Access-Control-Allow-Origin $http_origin;
        add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
        add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        add_header Access-Control-Allow-Credentials true;
        add_header Access-Control-Max-Age 86400;
        if ($request_method = 'OPTIONS') {
            return 200;
        }
        proxy_pass http://127.0.0.1:8080/api/v1/ts/;
    }
}

# server {
#   listen 80;
#   server_name "ts.moicen.com";
#   location / {
#     return 301 https://$host$request_uri;
#   }
# }
add task_server config 2022-01-19 09:36:21 +08:00			`server {`
			`# https://serverfault.com/questions/798734/use-variable-for-server-name-in-nginx#`
			`# server_name $servername;`
			`server_name "ts.moicen.com";`
update ts domain config 2022-01-19 19:17:03 +08:00			`listen 443 ssl;`
add task_server config 2022-01-19 09:36:21 +08:00			`listen 80;`
			`client_max_body_size 10M;`

			`# disable in local test env`
update ts domain config 2022-01-19 19:17:03 +08:00			`ssl_certificate /etc/letsencrypt/live/ts.moicen.com/fullchain.pem; # managed by Certbot`
			`ssl_certificate_key /etc/letsencrypt/live/ts.moicen.com/privkey.pem; # managed by Certbot`
add task_server config 2022-01-19 09:36:21 +08:00
			`set $task_server "http://127.0.0.1:8080"; # task server host`
			`set $htyuc "http://127.0.0.1:3000"; #htyuc host`
			`set $resty_loc "/usr/local/openresty";`

			`location / {`
			`try_files $uri $uri/ /index.html;`
			`proxy_set_header Host "ts.moicen.com";`
			`proxy_set_header X-Real-IP $remote_addr;`
			`# disable in local test env`
			`# proxy_set_header X-Forwarded-Proto https;`
			`proxy_set_header X-Forwarded-For $remote_addr;`
			`proxy_set_header X-Forwarded-Host $remote_addr;`
			`}`

			`# root $resty_loc/nginx/html/admin;`
			`# index index.html;`

			`location /api/v1/ts/ {`
update cross origin config 2022-01-19 21:25:53 +08:00
			`if ($http_origin !~ [a-z]+\.moicen\.com$) {`
			`return 403;`
			`}`
			`add_header Access-Control-Allow-Origin $http_origin;`
			`add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';`
			`add_header Access-Control-Allow-Headers 'Authorization,HtyAdminToken,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';`
			`add_header Access-Control-Allow-Credentials true;`
			`add_header Access-Control-Max-Age 86400;`
			`if ($request_method = 'OPTIONS') {`
			`return 200;`
update ts domain config 2022-01-19 19:17:03 +08:00			`}`
update cross origin config 2022-01-19 21:25:53 +08:00			`proxy_pass http://127.0.0.1:8080/api/v1/ts/;`
add task_server config 2022-01-19 09:36:21 +08:00			`}`
			`}`

			`# server {`
			`# listen 80;`
			`# server_name "ts.moicen.com";`
			`# location / {`
			`# return 301 https://$host$request_uri;`
			`# }`
			`# }`