server_name zhiqiang.cloud;
listen 80; # 代理端口, 通过此端口重定向到443访问, 不再通过8080端口
if ($host = zhiqiang.cloud) { # 修改成你的域名或者注释掉,多个域名,以空格分开
return 301 https://$host$request_uri; # 将 http 重定向 https
return 404; # 访问80端口跳转404状态码
listen 443 ssl; # 服务器开启443端口, 以后将通过此端口进行访问, 不再通过8080端口
server_name zhiqiang.cloud; # 修改成你的域名或者注释掉,多个域名,以空格分开
ssl_certificate /etc/nginx/conf.d/ssl/zhiqiang.cloud.pem; # pem文件的路径
ssl_certificate_key /etc/nginx/conf.d/ssl/zhiqiang.cloud.key; # key文件的路径
ssl_session_timeout 5m; # 缓存有效期
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # 安全链接可选的加密协议
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; # 加密算法
ssl_prefer_server_ciphers on; # 使用服务器端的首选算法
client_max_body_size 100m; # 录像及文件上传大小限制
proxy_pass http://luna:4200;
location /media/replay/ {
add_header Content-Encoding gzip;
root /opt/jumpserver-v2.13.1/data/;
root /opt/jumpserver-v2.13.1/data/;
root /opt/jumpserver-v2.13.1/data/;
proxy_pass http://koko:5000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://lion:8081;
proxy_request_buffering off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_ignore_client_abort on;
proxy_connect_timeout 600;
proxy_pass http://core:8070;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://core:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://core:8080;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://lina:9528;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
rewrite ^/(.*)$ /ui/$1 last;