|
发表于 2023-10-8 09:13:57
|
显示全部楼层
#最后Nginx配置:
server {
listen 80;
server_name oa.example.com;
rewrite ^/(.*)$ https://oa..com/$1 permanent;
}
server {
listen 443 ssl http2;
server_name oa.example.com oa-20020.example.com oa-20030.example.com;
client_max_body_size 200m;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_prefer_server_ciphers off;
ssl_certificate /usr/local/openresty/nginx/conf/certs/5365854__example.com.pem;
ssl_certificate_key /usr/local/openresty/nginx/conf/certs/5365854__example.com.key;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384HE-RSA-AES256-GCM-SHA384";
#include conf.d/ip_limit;
#proxy_intercept_errors off;
add_header Access-Control-Allow-Methods 'PUT,POST,GET,DELETE,OPTIONS';
add_header Access-Control-Allow-Origin oa.example.com;
add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
add_header Access-Control-Allow-Credentials true;
location / {
proxy_buffer_size 512k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
proxy_temp_file_write_size 512k;
proxy_set_header Host $http_host;
proxy_set_header REMOTE_ADDR $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_hide_header 'access-control-allow-origin';
add_header 'access-control-allow-origin' '*';
proxy_next_upstream http_500 http_502 http_503 error timeout;
proxy_pass http://ingress;
}
}
#主要是o2oa里面配置里所有转为443
{
"enable": true,
"center": {
"enable": true,
"order": 0,
"sslEnable": false,
"port": 20020,
"httpProtocol": "https",
"proxyHost": "oa.example.com",
"proxyPort": 443
},
"application": {
"enable": true,
"port": 20020,
"sslEnable": false,
"proxyHost": "oa.example.com",
"proxyPort": 443,
"includes": [],
"excludes": [
"com.x.base.core.project.x_mind_assemble_control",
"com.x.base.core.project.x_meeting_assemble_control",
"com.x.base.core.project.x_attendance_assemble_control"
]
},
"web": {
"enable": true,
"port": 20020,
"sslEnable": false,
"proxyHost": "oa.example.com",
"proxyPort": 443,
"proxyCenterEnable": true,
"proxyApplicationEnable": true,
"proxyTimeOut": 300
},
"data": {
"enable": false,
"tcpPort": 20050,
"webPort": 20051,
"includes": [],
"excludes": [],
"jmxEnable": false,
"cacheSize": 512,
"logLevel": "WARN",
"maxTotal": 50,
"maxIdle": 0,
"statEnable": false,
"statFilter": "mergeStat",
"slowSqlMillis": 2000,
"lockTimeout": 120000
},
"storage": {
"enable": true,
"port": 20040,
"sslEnable": false,
"name": "251",
"prefix": "",
"deepPath": false
},
"dumpData": {
"enable": false,
"cron": "",
"size": 7,
"path": ""
},
"restoreData": {
"enable": false,
"cron": "",
"path": ""
},
"nodeAgentEnable": true,
"nodeAgentPort": 20010,
"nodeAgentEncrypt": true,
"autoStart": true,
"selfHealthCheckEnable": false
}
|
|