nideshop-be/nginx.conf

server {
    listen 80;
    server_name example.com www.example.com;
    root /home/jiaciwang/Code/tmp/you_thinkjs/www;
    set $node_port 8360;

    index index.js index.html index.htm;
    if ( -f $request_filename/index.html ){
        rewrite (.*) $1/index.html break;
    }
    if ( !-f $request_filename ){
        rewrite (.*) /index.js;
    }
    location = /index.js {
        proxy_http_version 1.1;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_pass http://127.0.0.1:$node_port$request_uri;
        proxy_redirect off;
    }
    
    location = /development.js {
        deny all;
    }

    location = /testing.js {
        deny all;
    }

    location = /production.js {
        deny all;
    }

    location ~ /static/ {
        etag         on;
        expires      max;
    }
}   




## http/2 nginx conf

# server {
#     listen       80;
#     server_name example.com www.example.com;
#     rewrite ^(.*) https://example.com$1 permanent;
# }
# 
# server {
#     listen 443 ssl http2 fastopen=3 reuseport;
#     server_name www.thinkjs.org thinkjs.org;
#     set $node_port 8360;
# 
#     root /home/jiaciwang/Code/tmp/you_thinkjs/www;
#     
#     keepalive_timeout   70;
# 
#     ssl_certificate /path/to/certificate;
#     ssl_certificate_key /path/to/certificate.key;
#     ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
#     ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
#     ssl_prefer_server_ciphers on;

#     # openssl dhparam -out dhparams.pem 2048
#     ssl_dhparam /path/to/dhparams.pem;
# 
#     ssl_session_cache   shared:SSL:10m;
#     ssl_session_timeout 10m;
# 
#     ssl_session_ticket_key /path/to/tls_session_ticket.key;
#     ssl_session_tickets on;
# 
#     ssl_stapling             on;
#     ssl_stapling_verify      on;
#     ssl_trusted_certificate  /path/to/startssl_trust_chain.crt;
# 
# 
#     add_header x-Content-Type-Options nosniff;
#     add_header X-Frame-Options deny;
#     add_header Strict-Transport-Security "max-age=16070400";
# 
#     index index.js index.html index.htm;
#     if ( -f $request_filename/index.html ){
#         rewrite (.*) $1/index.html break;
#     }
#     if ( !-f $request_filename ){
#         rewrite (.*) /index.js;
#     }
#     location = /index.js {
#         proxy_http_version 1.1;
#         proxy_set_header X-Real-IP $remote_addr;
#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#         proxy_set_header Host $http_host;
#         proxy_set_header X-NginX-Proxy true;
#         proxy_set_header Upgrade $http_upgrade;
#         proxy_set_header Connection "upgrade";
#         proxy_pass http://127.0.0.1:$node_port$request_uri;
#         proxy_redirect off;
#     }
# 
#     location = /production.js {
#         deny all;
#     }
# 
#     location = /testing.js {
#         deny all;
#     }
#
#    location ~ /static/ {
#       etag         on;
#       expires      max;
#    }
#}