From eb700dd168e18293dffac5507f6cccc40c6c28af Mon Sep 17 00:00:00 2001 From: wangxiang <1827945911@qq.com> Date: Thu, 25 Jan 2024 18:36:32 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20https=20=E5=A4=A7=E5=B1=8F=E9=83=A8?= =?UTF-8?q?=E7=BD=B2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docker/prod/default.conf | 52 ++++++++++++++++ .../prod/secret/bigscreen.kanglailab.com.key | 27 ++++++++ .../prod/secret/bigscreen.kanglailab.com.pem | 62 +++++++++++++++++++ 3 files changed, 141 insertions(+) create mode 100644 docker/prod/secret/bigscreen.kanglailab.com.key create mode 100644 docker/prod/secret/bigscreen.kanglailab.com.pem diff --git a/docker/prod/default.conf b/docker/prod/default.conf index 578e59f..5a0ef45 100644 --- a/docker/prod/default.conf +++ b/docker/prod/default.conf @@ -72,6 +72,58 @@ server { } } +# 大屏设计器 +server { + # 自定义访问端口 + listen 8085; + + # 服务名称 + server_name bigscreen.kanglailab.com; + + # 把http的域名请求转成https + return 301 https://$host$request_uri; +} + +server { + # 自定义访问端口 + listen 443 ssl; + client_max_body_size 100M; + + # 服务名称 + server_name bigscreen.kanglailab.com; + + # ssl证书地址 + ssl_certificate /secret/bigscreen.kanglailab.com.pem; # pem文件的路径 + ssl_certificate_key /secret/bigscreen.kanglailab.com.key; # key文件的路径 + + # ssl验证相关配置 + ssl_session_timeout 5m; #缓存有效期 + ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法 + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #安全链接可选的加密协议 + ssl_prefer_server_ciphers on; #使用服务器端的首选算法 + + #设置转发请求头参数 + proxy_connect_timeout 15s; + proxy_send_timeout 15s; + proxy_read_timeout 15s; + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + error_page 497 https://$host$request_uri; + + # 代理访问 + location / { + proxy_pass http://localhost:8085; + } + + # 代理访问后端微服务网关地址 + location ^~/prod-api/ { + rewrite ^/prod-api/(.*)$ /$1 break; + proxy_pass https://kicc-gateway.kanglailab.com; + } +} + + # kicc服务端网关 server { # 自定义访问端口 diff --git a/docker/prod/secret/bigscreen.kanglailab.com.key b/docker/prod/secret/bigscreen.kanglailab.com.key new file mode 100644 index 0000000..c79a1f1 --- /dev/null +++ b/docker/prod/secret/bigscreen.kanglailab.com.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAy83A/rxvhIX9vFdXecMODoXHwF73ffhhsYYjdODEnRbvvo1Z +ml1CH2BPfNXdX6yMwN5r5xPzcddoIBN4IOX+06oI+FoyYnSo/tgLtgHKcCjXTcZe +SAlYh/TFIdPhOQTgIL54PdTcRnZf7DZNqUitW8BBVfjiMal078KM70d/AMRw5xie +/g91lLSM+YjkHIxKH7ttxbcLwSMrozRnXip5FPOjWcOGMqt94sN5JWgOHRMpJgX8 +BYfKfJustgoMCkp8JJAFML6fe/2V9X4OHlh7lZlZfLcUxmhPzj7xY+opl6QrKaqi +cQCbsiHE7mgCngJlkd0Hg1EMeKUbEaZxe7BrrQIDAQABAoIBAAi+OW7UL6aMRv/a +8V5AX2yBEboveMeXLb27Zu7/K4AfuUY/8x2brZgB/jb5R8dwdBNcF13w7asvFgD2 +RNuIcl+rNjpNSEcQASX5p7r1pbUdE2t7PJUzjXA7sG9MkydqjaDp+ueQJ6kAMApG +pBtEimdavpLNHAsMXX9hpcEoHIswTojoZHAQzrx00t61BN0HTevvhnzS0BBzGRLw +D634yEKAIuu/Mb4wvCOdZm8XitCUjL/2Vc0Khdqy5NDG263bNx+s90UPQyocrR+s +Yf4ngvXThHX3ukURmj7kR0tpjbXqHwdhbiBoFo9dNyjyh9DK2PpXwT9waWNl/TYI +BM6G5RECgYEA+Ya2RBy4XWzngDzeIOapE4SH0/KpUqo1QCLOedpYN2DNEMbCOS30 +632GY80KyYAU77TrkRl78jIWAcN4i3T11xVUDWZLnUaCyMF59X3MtWLdoircwafI +TPcZf3/6yQmIcJpW8K6rU/gVZmeD9NmARBqIFriixCSdGzcbfRg5PDUCgYEA0Rdd +c73xcy+gT+62LvgjI18zj/Vx5K5K+b+T5lGQCfPaUkzh7vgx92OBR2FhgrOKmbsf +cn2omtrGivjKMBJQDF7xw26eJenrO4eO2SigbuQ/CUUt2HzVKImcb7AMOvPU5LfN +7zxfTJo+xAm4DOsxEUlfoZoiWOrf1Zo8wOSbsJkCgYEAjHGlLwsXPgZo+oXH5K7P +JVwn80SWxx9kH3g3zN/3XRwP78xfTz2tp8ocFRo4YxfDMPQczquQVs6YEmAJ/jxT +jr7Dc1NLZfdk70futB0dVk6SPo9vd1RPafp+kIPhDLxf3jkQjCFT70woB15mKC8v +gaWJSXicrFeLUeEfiLZUqK0CgYANlBbdjVhAwrcGedoa8sJVablPgAEFeMwlq+tO +6b0Q6GUlMxj5C+Uyy6N5nzlV45L8qMpCBScN52c9XyrCNG4+X2wT5PsgOzCrjQIZ +2CmTCf+N+pAfnvu4xjcCicxBh9QrhkQ5ZRJLRzkMQhVRwXROSxWKyRex7o7asEmB +vVbfAQKBgQCWFgp6986Shb60DNw91nAoq0ntRypflHcqzhZB1T06OuIlnDNOKaGL +flIqZCdLUjTrGKI4ms1mvjf+lbM0vCSkKv4vB8IEZM7JUYkfxcmWnvgGLG7BlPR0 +sOV7retDiWxcYDfDGLMggyNlDRZ0pVtEiCA+q6pEewunByMcp/LksA== +-----END RSA PRIVATE KEY----- diff --git a/docker/prod/secret/bigscreen.kanglailab.com.pem b/docker/prod/secret/bigscreen.kanglailab.com.pem new file mode 100644 index 0000000..c49914a --- /dev/null +++ b/docker/prod/secret/bigscreen.kanglailab.com.pem @@ -0,0 +1,62 @@ +-----BEGIN CERTIFICATE----- +MIIGCDCCBPCgAwIBAgIQClo1zgshJy+GW9HRXpARLDANBgkqhkiG9w0BAQsFADBu +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg +RFYgVExTIENBIC0gRzIwHhcNMjQwMTI1MDAwMDAwWhcNMjQwNDIzMjM1OTU5WjAj +MSEwHwYDVQQDExhiaWdzY3JlZW4ua2FuZ2xhaWxhYi5jb20wggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQDLzcD+vG+Ehf28V1d5ww4OhcfAXvd9+GGxhiN0 +4MSdFu++jVmaXUIfYE981d1frIzA3mvnE/Nx12ggE3gg5f7Tqgj4WjJidKj+2Au2 +AcpwKNdNxl5ICViH9MUh0+E5BOAgvng91NxGdl/sNk2pSK1bwEFV+OIxqXTvwozv +R38AxHDnGJ7+D3WUtIz5iOQcjEofu23FtwvBIyujNGdeKnkU86NZw4Yyq33iw3kl +aA4dEykmBfwFh8p8m6y2CgwKSnwkkAUwvp97/ZX1fg4eWHuVmVl8txTGaE/OPvFj +6imXpCspqqJxAJuyIcTuaAKeAmWR3QeDUQx4pRsRpnF7sGutAgMBAAGjggLrMIIC +5zAfBgNVHSMEGDAWgBR435GQX+7erPbFdevVTFVT7yRKtjAdBgNVHQ4EFgQU6O/j +ZjIFOL57QOQsuKWbAEzVFGwwIwYDVR0RBBwwGoIYYmlnc2NyZWVuLmthbmdsYWls +YWIuY29tMD4GA1UdIAQ3MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6 +Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYw +FAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGABggrBgEFBQcBAQR0MHIwJAYIKwYBBQUH +MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBKBggrBgEFBQcwAoY+aHR0cDov +L2NhY2VydHMuZGlnaWNlcnQuY29tL0VuY3J5cHRpb25FdmVyeXdoZXJlRFZUTFND +QS1HMi5jcnQwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFo +AHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGNQBkfXAAABAMA +RjBEAiAOoDqLEdJNONQKH5ooYUnBRxFCu9k1EtO0z7zF6C/Y5AIgE2V/pUgNKYq+ +yyvKrHKzm/2gq/DzMSTw2vxi04g9CK8AdgBIsONr2qZHNA/lagL6nTDrHFIBy1bd +LIHZu7+rOdiEcwAAAY1AGR79AAAEAwBHMEUCIQDSKCGkdcu6dUvtjNAo2uuPDy+Q +nVqHfKI8u/4i/pA3jAIgZuFaiUtanxxSMR7jli0GZDZJ/VMPOmlNhdXXRjwW+N4A +dwDatr9rP7W2Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAY1AGR7PAAAEAwBI +MEYCIQDsl5gnTfO6m19ya6G81qXTmdOSEwrfczX2s9k7Mxi3gwIhALk64cyT2QYS +s5DLBb//r/op7lqXlRmcVKEEVGOuQ6K5MA0GCSqGSIb3DQEBCwUAA4IBAQAOFsuy +sucP/T4oiuRTsJfsRZ9v+P+ziE4rXHFQl+H6mR7PkRx8J5s7qXg3uUULeXAsbHrM +Ki4kxJQwzsL4fPsyW4Aq+Wdeks8YrPWIUgqHQc2iPFOYccd0awUA2Vu8pAnDzLLt +Pv2RV1Rethy70Xi6EzXwiWKfk4JG78WWjPhQ6YuAjAChfH9jxoOHgRl2t7AfXeLD +3RJ7YEan/xKD7tK12L2KFC83S/sV7ugbJwnu13oO1tf85L7ROpIbvV4/b+aIK4lL +LCH7yvu0jBsBN2pfFOJHPQ/Kk6DO5QyLjSuGBsS610J+s3Nfwt/0MBn3Za5fI0ai +pu6KUR5u6ZsW+Qk+ +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIQDeD/te5iy2EQn2CMnO1e0zANBgkqhkiG9w0BAQsFADBh +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH +MjAeFw0xNzExMjcxMjQ2NDBaFw0yNzExMjcxMjQ2NDBaMG4xCzAJBgNVBAYTAlVT +MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j +b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH +MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO8Uf46i/nr7pkgTDqnE +eSIfCFqvPnUq3aF1tMJ5hh9MnO6Lmt5UdHfBGwC9Si+XjK12cjZgxObsL6Rg1njv +NhAMJ4JunN0JGGRJGSevbJsA3sc68nbPQzuKp5Jc8vpryp2mts38pSCXorPR+sch +QisKA7OSQ1MjcFN0d7tbrceWFNbzgL2csJVQeogOBGSe/KZEIZw6gXLKeFe7mupn +NYJROi2iC11+HuF79iAttMc32Cv6UOxixY/3ZV+LzpLnklFq98XORgwkIJL1HuvP +ha8yvb+W6JislZJL+HLFtidoxmI7Qm3ZyIV66W533DsGFimFJkz3y0GeHWuSVMbI +lfsCAwEAAaOCAU8wggFLMB0GA1UdDgQWBBR435GQX+7erPbFdevVTFVT7yRKtjAf +BgNVHSMEGDAWgBROIlQgGJXm427mD/r6uRLtBhePOTAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C +AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp +Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu +Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG +/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT +MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAoBs1eCLKakLtVRPFRjBIJ9LJ +L0s8ZWum8U8/1TMVkQMBn+CPb5xnCD0GSA6L/V0ZFrMNqBirrr5B241OesECvxIi +98bZ90h9+q/X5eMyOD35f8YTaEMpdnQCnawIwiHx06/0BfiTj+b/XQih+mqt3ZXe +xNCJqKexdiB2IWGSKcgahPacWkk/BAQFisKIFYEqHzV974S3FAz/8LIfD58xnsEN +GfzyIDkH3JrwYZ8caPTf6ZX9M1GrISN8HnWTtdNCH2xEajRa/h9ZBXjUyFKQrGk2 +n2hcLrfZSbynEC/pSw/ET7H5nWwckjmAJ1l9fcnbqkU/pf6uMQmnfl0JQjJNSg== +-----END CERTIFICATE-----