1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
| server { listen 80; #监听80端口 listen 443 default quic reuseport; #开启http3 quic listen 443 default ssl; 开启ssl
http2 on; #开启http2支持
server_name fantasy.kim www.fantasy.kim; #监听地址
ssl_certificate /home/ssl/fantasy.crt; #ssl签名证书 ssl_certificate_key /home/ssl/fantasy.key; #ssl签名密钥
ssl_session_cache shared:SSL:10M; #ssl缓存大小 ssl_session_timeout 10M;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_buffer_size 4k; ssl_ciphers 'ECDHE+AESGCM:DHE+AESGCM:HIGH:!aNULL:!MD5;'; ssl_prefer_server_ciphers on;
access_log /home/hexo/logs/access.log main; #log 文件地址 error_log /home/hexo/logs/error.log error; #error log 文件地址
location / { if ($http_x_forwarded_proto != "https") { rewrite ^/(.*)$ https://fantasy.kim/$1 permanent; } #http重定向到https gzip_static on; #使用gzip推送 root /home/hexo/public; #项目根目录 index index.html; error_page 404 404.html; } }
|