【证书必须是通配的子域名】
#
# The default server
#
upstream blog{
server localhost:7000;
}
upstream game{
server localhost:8080;
}
upstream forum{
server localhost:8080;
}
server {
listen 80 default_server;
listen 443;
listen [::]:80 default_server;
server_name ~^(?.+)\.DOMAIN\.com$;
ssl on;
ssl_certificate_key /opt/cert/com.key;
ssl_certificate /opt/cert/pub.cer;
location ~ \.(ani|mp3|fsr|json|ttf|css|gif|jpg|jpeg|png|bmp|swfi|html|js|xml|txt|swoff|swoff2)$ {
root /usr/share/nginx/html/$subdomain;
error_page 405 = $uri;
}
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
index index.html index.htm;
proxy_pass http://$subdomain;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_headers_hash_max_size 51200;
proxy_headers_hash_bucket_size 6400;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
网友评论