Files
jiedian/server/nginx/panel.conf.template
dekun 78b85c0d83 feat: enable HTTPS admin panel on port 443 for new deployments
Add Nginx SSL panel config, enable-panel-https.sh, secure Flask cookies, and update docs for https login.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-28 00:46:08 +08:00

55 lines
1.3 KiB
Plaintext
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# HTTPACME 验证 + 面板跳转 HTTPS
server {
listen 80;
listen [::]:80;
server_name __DOMAIN__;
root /var/www/acme;
location /.well-known/acme-challenge/ {
default_type "text/plain";
try_files $uri =404;
}
location ^~ __PANEL_LOCATION__ {
return 301 https://$host$request_uri;
}
location / {
return 200 'ok';
add_header Content-Type text/plain;
}
}
# HTTPS:管理面板
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name __DOMAIN__;
ssl_certificate /etc/sing-box/certs/fullchain.pem;
ssl_certificate_key /etc/sing-box/certs/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
location ^~ __PANEL_LOCATION__ {
__PANEL_ALLOW__
proxy_pass http://127.0.0.1:5080/;
proxy_http_version 1.1;
proxy_connect_timeout 10s;
proxy_send_timeout 120s;
proxy_read_timeout 120s;
proxy_set_header Host __DOMAIN__;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Host __DOMAIN__;
proxy_set_header X-Forwarded-Prefix __PANEL_PREFIX__;
}
location / {
return 404;
}
}