jumpserver nginx配置
作者:互联网
server {
listen 80;
# listen [::]:80;
# server_name demo.jumpserver.org; # ................................................
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
# listen [::]:443 ssl;
# server_name demo.jumpserver.org; # ................................................
server_tokens off;
ssl_certificate cert/server.crt; # ...... server.crt ..............., ............... certs/
ssl_certificate_key cert/server.key; # ...... server.key ..............., ............... certs/
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE:!DES:!ECDHE-RSA-DES-CBC3-SHA;
add_header Strict-Transport-Security "max-age=31536000" always;
ssl_prefer_server_ciphers off;
client_max_body_size 4096m;
location / {
proxy_pass http://http_server;
proxy_buffering off;
proxy_request_buffering off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_ignore_client_abort on;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 6000;
}
}
标签:off,ssl,配置,header,server,nginx,proxy,timeout,jumpserver 来源: https://www.cnblogs.com/yzgblogs/p/15704098.html