server {
    # 自定义访问端口
    listen 3002 ssl;
    client_max_body_size 100M;

    # 服务名称
    server_name kicc.kanglailab.com;

    # 代理访问根地址
    root /data;

    # ssl证书地址
    ssl_certificate      /secret/ssl.pem;  # pem文件的路径
    ssl_certificate_key  /secret/ssl.key;  # key文件的路径

    # ssl验证相关配置
    ssl_session_timeout  5m;    #缓存有效期
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;    #加密算法
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;    #安全链接可选的加密协议
    ssl_prefer_server_ciphers on;           #使用服务器端的首选算法

    #设置转发请求头参数
    proxy_connect_timeout 15s;
    proxy_send_timeout 15s;
    proxy_read_timeout 15s;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    error_page 497 https://$host$request_uri;
    # Nginx 服务器上的 CORS（跨源资源共享）配置
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,Cache-Control,X-Mx-ReqToken,X-Requested-With';
    add_header 'Access-Control-Allow-Methods' '*';

    # 代理访问
    location / {
      try_files $uri $uri/ /index.html;
      error_page 405 =200 http://$host$request_uri;
    }
}