server { # todo: put me into nginx.conf `http` section # log_format huiwing_api_log '"$time_local" client=$remote_addr ' # 'method=$request_method request="$request" ' # 'request_length=$request_length ' # 'status=$status bytes_sent=$bytes_sent ' # 'body_bytes_sent=$body_bytes_sent ' # 'referer=$http_referer ' # 'user_agent="$http_user_agent" ' # 'upstream_addr=$upstream_addr ' # 'upstream_status=$upstream_status ' # 'request_time=$request_time ' # 'upstream_response_time=$upstream_response_time ' # 'upstream_connect_time=$upstream_connect_time ' # 'upstream_header_time=$upstream_header_time'; # # access_log /usr/local/openresty/nginx/logs/huiwing_api.log huiwing_api_log; proxy_read_timeout 30; proxy_connect_timeout 30; proxy_send_timeout 30; # https://serverfault.com/questions/798734/use-variable-for-server-name-in-nginx# # server_name $servername; server_name "admin.moicen.com"; listen 443 ssl; client_max_body_size 20M; # disable in local test env ssl_certificate /etc/letsencrypt/live/moicen.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/moicen.com/privkey.pem; # managed by Certbot set $tmp_file_dir "/file_upload"; # 文件存储路径 set $task_server "http://127.0.0.1:8080"; # Java task_server set $huiwing_htyts_rust "127.0.0.1:3003"; set $htyuc "http://127.0.0.1:3000"; #htyuc host set $resty_loc "/usr/local/openresty"; set $convert "/usr/bin/convert"; set $upyun_operator "moicen"; set $upyun_password "NyJ51zRwFApY9Wo9EHJMrb8GI9YtvpVN"; set $upyun_bucket "moicen"; set $upyun_directory "music-room"; set $upyun_domain "https://upyun.moicen.com"; set $upyun_cdn "https://upyun.moicen.com/"; set $wx_domain "wx.moicen.com"; set $upt_huiwings_secret "C5E4B01EC86A4CE8A84871EA2C826DD1"; set $upt_moicen_secret "339666FBB93C46D7B00D9F6E790C6C18"; set $upt_alchemy_secret "0D32E581A445404FA4C306709724FA07"; set $upt_duration 3600; location / { try_files $uri $uri/ /index.html; proxy_set_header Host "admin.moicen.com"; proxy_set_header X-Real-IP $remote_addr; # disable in local test env proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Host $remote_addr; } root $resty_loc/nginx/html/admin; index index.html; add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS' always; add_header Access-Control-Allow-Headers 'Authorization,unionid,HtySudoerToken,HtyHost,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Max-Age 86400 always; if ($request_method = 'OPTIONS') { return 200; } #Upload image files location /api/ngx/image/upload { content_by_lua_file $resty_loc/nginx/scripts/old_upload.lua; } #upload image from weixin media location /api/ngx/image/wx_upload_single { content_by_lua_file $resty_loc/nginx/scripts/wx_upload_single.lua; } #upload image files to combine by form location /api/ngx/image/form_upload_to_combine { content_by_lua_file $resty_loc/nginx/scripts/form_upload_to_combine.lua; } #Upload image files to combine by wx location /api/ngx/image/wx_upload_to_combine { content_by_lua_file $resty_loc/nginx/scripts/wx_upload_to_combine.lua; } #compress image file by form location /api/ngx/image/form_upload_to_compress { content_by_lua_file $resty_loc/nginx/scripts/form_upload_to_compress.lua; } #Combine image files location /api/ngx/image/combine { content_by_lua_file $resty_loc/nginx/scripts/combine.lua; } location /api/ngx/image/check { content_by_lua_file $resty_loc/nginx/scripts/check_file.lua; } location /api/ngx/image/upload_combined { content_by_lua_file $resty_loc/nginx/scripts/upload_combined_image.lua; } location /api/ngx/image/upyun_remove { content_by_lua_file $resty_loc/nginx/scripts/upyun_remove.lua; } #Audio file download location /api/ngx/audio/upload { content_by_lua_file $resty_loc/nginx/scripts/upload_audio.lua; } #Audio file convert location /api/ngx/audio/convert { content_by_lua_file $resty_loc/nginx/scripts/convert_audio.lua; } location /api/ngx/upt { content_by_lua_file $resty_loc/nginx/scripts/upt.lua; } location /api/ngx/convert/test { content_by_lua_file $resty_loc/nginx/scripts/test.lua; } location /api/v1/kc/ { proxy_pass http://127.0.0.1:3002/api/v1/kc/; } location /api/v1/ws/ { proxy_pass http://127.0.0.1:3001/api/v1/ws/; } location /api/v1/uc/ { proxy_pass http://127.0.0.1:3000/api/v1/uc/; } # 管理端历史路径 /api/v1/proc/*(与 /api/v2/proc/ 同 upstream Rust htyproc) # 勿在 proxy_pass 的 host 段使用变量 + URI 路径组合,否则 nginx 可能不把 URI 正确传给 axum(对端 404)。 location /api/v1/proc/ { proxy_pass http://127.0.0.1:3004/api/v1/proc/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /api/v2/ts/ { rewrite ^/api/v2/ts/$ /api/v1/ts break; rewrite ^/api/v2/ts/(.+)$ /api/v1/ts/$1 break; proxy_pass http://127.0.0.1:3003; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /api/v2/proc/ { proxy_pass http://127.0.0.1:3004/api/v1/proc/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } server { listen 80; server_name "admin.moicen.com"; location / { return 301 https://$host$request_uri; } }