# 暫時規範管理系統主站 server { listen 80; server_name localhost; # 重定向到 HTTPS (可選,需要 SSL 證書) # return 301 https://$server_name$request_uri; # 應用程式代理 location / { proxy_pass http://app:5000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # WebSocket 支援 proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # 超時設定 proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; } # ONLYOFFICE Document Server 代理 location /onlyoffice/ { proxy_pass http://onlyoffice:80/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # ONLYOFFICE 特殊設定 proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_redirect off; # 大檔案上傳支援 client_max_body_size 100M; proxy_request_buffering off; } # 靜態檔案快取 location /static/ { proxy_pass http://app:5000/static/; expires 1y; add_header Cache-Control "public, immutable"; } # 健康檢查 location /health { proxy_pass http://app:5000/; access_log off; } # 錯誤頁面 error_page 404 /404.html; error_page 500 502 503 504 /50x.html; } # HTTPS 設定 (需要 SSL 證書) # server { # listen 443 ssl http2; # server_name localhost; # # ssl_certificate /etc/nginx/ssl/cert.pem; # ssl_certificate_key /etc/nginx/ssl/key.pem; # ssl_protocols TLSv1.2 TLSv1.3; # ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384; # ssl_prefer_server_ciphers off; # ssl_session_cache shared:SSL:10m; # ssl_session_timeout 10m; # # # HSTS # add_header Strict-Transport-Security "max-age=63072000" always; # # # 其餘配置與 HTTP 相同 # # ... # }