Before you submit an issue, please be sure to search through existing issues as well as search through the documentation
- [] I've searched all existing issues
- [] I've read all relevant documentation I could find
Describe your question
return $this->response
->withCookie($this->authService->makeLogoutCookie())
->redirect(admin_path('/login') . '?error=' . urlencode('请先登录'));cat > "$NGINX_AVAILABLE" <<EOF
upstream ${NGINX_SITE_NAME}_hyperf {
server ${HYPERF_HOST}:${HYPERF_PORT};
keepalive 32;
}
# 非 www 域名统一跳到 www,HTTP 也一并跳 HTTPS。
server {
listen 80;
server_name ${DOMAIN};
root ${PUBLIC_ROOT};
server_tokens off;
location ^~ /.well-known/acme-challenge/ {
default_type "text/plain";
try_files \$uri =404;
}
location / {
return 301 https://${WWW_DOMAIN}\$request_uri;
}
}
# www 域名的 HTTP 请求统一跳到 HTTPS。
server {
listen 80;
server_name ${WWW_DOMAIN};
root ${PUBLIC_ROOT};
server_tokens off;
location ^~ /.well-known/acme-challenge/ {
default_type "text/plain";
try_files \$uri =404;
}
location / {
return 301 https://${WWW_DOMAIN}\$request_uri;
}
}
# 已经是 HTTPS 但仍访问裸域名时,继续跳到 https://www。
server {
listen 443 ssl;
server_name ${DOMAIN};
server_tokens off;
http2 on;
ssl_certificate ${LETSENCRYPT_LIVE_DIR}/fullchain.pem;
ssl_certificate_key ${LETSENCRYPT_LIVE_DIR}/privkey.pem;
return 301 https://${WWW_DOMAIN}\$request_uri;
}
# 真正对外服务的规范域名。
server {
listen 443 ssl;
server_name ${WWW_DOMAIN};
root ${PUBLIC_ROOT};
index index.html;
charset utf-8;
client_max_body_size ${CLIENT_MAX_BODY_SIZE};
server_tokens off;
http2 on;
access_log ${ACCESS_LOG};
error_log ${ERROR_LOG} warn;
ssl_certificate ${LETSENCRYPT_LIVE_DIR}/fullchain.pem;
ssl_certificate_key ${LETSENCRYPT_LIVE_DIR}/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 5;
gzip_min_length 1024;
gzip_types
text/plain
text/css
text/xml
application/json
application/javascript
application/xml
application/xml+rss
image/svg+xml;
gzip_static on;
location = /favicon.ico {
try_files \$uri =404;
access_log off;
log_not_found off;
expires 30d;
}
location = /robots.txt {
try_files \$uri =404;
access_log off;
log_not_found off;
expires 1d;
}
location ~* \.(?:css|js|mjs|map)$ {
# 前端静态资源只走 public 目录,缺失时直接返回 404,避免无意义地回源到 Hyperf。
try_files \$uri =404;
expires 7d;
add_header Cache-Control "public, max-age=604800";
}
location ~* \.(?:svg|woff2?|ttf|eot)$ {
try_files \$uri =404;
expires 30d;
add_header Cache-Control "public, max-age=2592000";
access_log off;
}
location ~* \.(?:jpg|jpeg|png|gif|webp|avif|ico)$ {
try_files \$uri =404;
expires 30d;
add_header Cache-Control "public, max-age=2592000";
access_log off;
}
location / {
try_files \$uri @hyperf;
}
location @hyperf {
proxy_set_header Host \$http_host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";
proxy_connect_timeout 5s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
proxy_pass http://${NGINX_SITE_NAME}_hyperf;
}
}
EOF加了这个配置也不行,本地复现不出来,上线就是这样,不知道哪里有坑
nginx version: nginx/1.30.0
Before you submit an issue, please be sure to search through existing issues as well as search through the documentation
Describe your question
加了这个配置也不行,本地复现不出来,上线就是这样,不知道哪里有坑
nginx version: nginx/1.30.0