daoqi/youlegames
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cd4ddb606d93f9202d2c0d16794bb174d9261625
youlegames/codes/agent/game-docker/docker/nginx/default.conf.template
Joywayer cd4ddb606d 增加docke部署
2026-04-10 16:44:13 +08:00

131 lines
4.1 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
upstream api_service {
server api:80;
}
upstream dlweb_service {
server dlweb:80;
}
upstream wxserver_service {
server wxserver:3000;
}
# =============================================
# 域名路由模式 + SSLLet's Encrypt 自动证书)
#
# 域名由 .env 文件中的 API_DOMAIN / DLWEB_DOMAIN / WX_DOMAIN 自动注入
# 修改域名只需编辑 .env 然后 docker compose restart nginx
#
# ================== 微信域名配置指南 ==================
#
# .env 中配置的 3 个域名对应:
# ${API_DOMAIN} → 网站1: game-docker/api
# ${DLWEB_DOMAIN} → 网站2: game-docker/dlweb/api
# ${WX_DOMAIN} → 网站3: game-docker/wxserver_daoqi
#
# 【微信小程序后台】(mp.weixin.qq.com → 开发管理 → 开发设置)
# - request 合法域名: https://${WX_DOMAIN}
# - 业务域名: ${WX_DOMAIN}
# (验证文件放到 wxserver_daoqi/public/MP_verify_xxx.txt)
#
# 【微信公众号后台】(mp.weixin.qq.com → 设置与开发 → 公众号设置)
# - 业务域名: ${API_DOMAIN}
# (验证文件在 api/ 根目录)
# - JS接口安全域名: ${API_DOMAIN}
# - 网页授权域名: ${WX_DOMAIN}
#
# 【微信支付后台】(pay.weixin.qq.com)
# - 支付授权目录: https://${DLWEB_DOMAIN}/
# - 支付回调通知: 由代码中 notify_url 指定
#
# =============================================
# =============================================
# SSL 通用配置(被各 server 块 include
# =============================================
# 注意: ssl-params.conf 由 init-ssl.sh 生成到
# /etc/nginx/snippets/ssl-params.conf
# ===== HTTP → HTTPS 统一重定向 + ACME 验证 =====
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
# Let's Encrypt 域名验证 (必须保留)
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
# 健康检查(供内部/负载均衡器使用,不重定向)
location /health {
return 200 'OK';
add_header Content-Type text/plain;
}
# 其余全部 301 重定向到 HTTPS
location / {
return 301 https://$host$request_uri;
}
}
# ===== 网站1: 游戏核心 API (公众号后台) =====
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${API_DOMAIN};
ssl_certificate /etc/letsencrypt/live/${API_DOMAIN}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${API_DOMAIN}/privkey.pem;
include /etc/nginx/snippets/ssl-params.conf;
location / {
proxy_pass http://api_service;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# ===== 网站2: 代理管理后台 (微信支付) =====
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${DLWEB_DOMAIN};
ssl_certificate /etc/letsencrypt/live/${DLWEB_DOMAIN}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${DLWEB_DOMAIN}/privkey.pem;
include /etc/nginx/snippets/ssl-params.conf;
location / {
proxy_pass http://dlweb_service;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# ===== 网站3: 微信小程序后端 =====
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ${WX_DOMAIN};
ssl_certificate /etc/letsencrypt/live/${WX_DOMAIN}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/${WX_DOMAIN}/privkey.pem;
include /etc/nginx/snippets/ssl-params.conf;
location / {
proxy_pass http://wxserver_service;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
Reference in New Issue View Git Blame Copy Permalink