mirror of https://github.com/IoTcat/ushio-etc.git
parent
eb03acf161
commit
fca9db47ec
4 changed files with 71 additions and 7 deletions
@ -0,0 +1,42 @@ |
||||
# generated 2021-08-23, Mozilla Guideline v5.6, nginx 1.21.1, OpenSSL 1.1.1d, modern configuration, no OCSP |
||||
# https://ssl-config.mozilla.org/#server=nginx&version=1.21.1&config=modern&openssl=1.1.1d&ocsp=false&guideline=5.6 |
||||
server { |
||||
listen 80; |
||||
listen [::]:80; |
||||
server_name v-usa.yimian.xyz; |
||||
|
||||
location / { |
||||
return 301 https://$host$request_uri; |
||||
} |
||||
} |
||||
|
||||
server { |
||||
listen 443 ssl http2; |
||||
listen [::]:443 ssl http2; |
||||
server_name v-usa.yimian.xyz; |
||||
|
||||
ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; |
||||
ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; |
||||
ssl_session_timeout 1d; |
||||
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions |
||||
ssl_session_tickets off; |
||||
|
||||
# modern configuration |
||||
ssl_protocols TLSv1.3; |
||||
ssl_prefer_server_ciphers off; |
||||
|
||||
# HSTS (ngx_http_headers_module is required) (63072000 seconds) |
||||
add_header Strict-Transport-Security "max-age=63072000" always; |
||||
|
||||
location / { |
||||
proxy_pass http://v2ray:82/; |
||||
proxy_read_timeout 300s; |
||||
proxy_send_timeout 300s; |
||||
proxy_set_header Host $host; |
||||
proxy_set_header X-Real-IP $remote_addr; |
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
proxy_http_version 1.1; |
||||
proxy_set_header Upgrade $http_upgrade; |
||||
proxy_set_header Connection $connection_upgrade; |
||||
} |
||||
} |
@ -0,0 +1,28 @@ |
||||
server { |
||||
listen 80; |
||||
#listen [::]:80; |
||||
server_name v2ray.yimian.xyz; |
||||
rewrite ^(.*)$ https://$host$1 permanent; |
||||
} |
||||
|
||||
|
||||
server { |
||||
# listen 80; |
||||
# listen [::]:80; |
||||
listen 443 ssl; |
||||
|
||||
server_name v2ray.yimian.xyz; |
||||
root /home/www/v2ray; |
||||
index index.php index.html; |
||||
client_max_body_size 50m; |
||||
|
||||
ssl_certificate /mnt/config/ssl/yimian.xyz/yimian.xyz.crt; #2 |
||||
ssl_certificate_key /mnt/config/ssl/yimian.xyz/yimian.xyz.key; #3 |
||||
|
||||
|
||||
# Load configuration files for the default server block. |
||||
include /mnt/etc/common/nginx/default.d/*.conf; |
||||
|
||||
location / { |
||||
} |
||||
} |
Loading…
Reference in new issue