From 7d052f06913a33c9e46e4e151d896fabb0f47857 Mon Sep 17 00:00:00 2001
From: daiyongfei <974332738@qq.com>
Date: Thu, 19 Jun 2025 11:01:54 +0800
Subject: [PATCH] =?UTF-8?q?=E5=9B=BE=E7=89=87https?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../fuyuanshen/constants/DeviceConstants.java |   3 +-
 .../resources/config/application-prod.yml     |   3 +-
 fys-system/src/main/resources/nginx.conf      | 119 ++++++++++++++++++
 3 files changed, 123 insertions(+), 2 deletions(-)
 create mode 100644 fys-system/src/main/resources/nginx.conf

diff --git a/fys-common/src/main/java/com/fuyuanshen/constants/DeviceConstants.java b/fys-common/src/main/java/com/fuyuanshen/constants/DeviceConstants.java
index 67b9bb9..aef6d87 100644
--- a/fys-common/src/main/java/com/fuyuanshen/constants/DeviceConstants.java
+++ b/fys-common/src/main/java/com/fuyuanshen/constants/DeviceConstants.java
@@ -24,6 +24,7 @@ public class DeviceConstants {
     /**
      * 文件访问IP地址
      */
-    public static final String FILE_ACCESS_IP = "http://fuyuanshen.com:81/";
+    // public static final String FILE_ACCESS_IP = "http://fuyuanshen.com:81/";
+    public static final String FILE_ACCESS_IP = "https://fuyuanshen.com/";
 
 }
diff --git a/fys-system/src/main/resources/config/application-prod.yml b/fys-system/src/main/resources/config/application-prod.yml
index 6612b9f..63a86da 100644
--- a/fys-system/src/main/resources/config/application-prod.yml
+++ b/fys-system/src/main/resources/config/application-prod.yml
@@ -149,4 +149,5 @@ file:
   avatarMaxSize: 5
   device:
     pic: /home/eladmin/file/    #设备图片存储路径
-    ip: http://fuyuanshen.com:81/    #服务器地址
+    #ip: http://fuyuanshen.com:81/    #服务器地址
+    ip: https://fuyuanshen.com/    #服务器地址
diff --git a/fys-system/src/main/resources/nginx.conf b/fys-system/src/main/resources/nginx.conf
new file mode 100644
index 0000000..e20f6de
--- /dev/null
+++ b/fys-system/src/main/resources/nginx.conf
@@ -0,0 +1,119 @@
+#user  nobody;
+worker_processes 1;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include mime.types;
+    default_type application/octet-stream;
+    sendfile on;
+    keepalive_timeout 65;
+
+    # 主站 HTTP 配置 (恢复访问)
+    server {
+        listen 80;
+        server_name fuyuanshen.com;
+
+        location / {
+            alias /usr/local/nginx/html/web/;
+            index index.html index.htm;
+        }
+
+        location /sys/ {
+            alias /usr/local/nginx/html/sys/;
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+            root html;
+        }
+    }
+
+    # 图片服务 (HTTP)
+    server {
+        listen 81;
+        server_name 47.107.152.87;
+
+        location /images/ {
+            alias /home/eladmin/file/;
+            autoindex off;
+        }
+    }
+
+    # Gitea 服务 (HTTP)
+    server {
+        listen 80;
+        server_name git.fuyuanshen.com;
+
+        location / {
+            proxy_pass http://localhost:3000;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+
+    # API 服务 (HTTP - 恢复访问)
+    server {
+        listen 80;
+        server_name api.fuyuanshen.com;
+
+        location / {
+            proxy_pass http://localhost:8000/;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+
+    # 主站 HTTPS (可选)
+    server {
+        listen 443 ssl;
+        server_name fuyuanshen.com;
+
+        ssl_certificate /usr/local/nginx/conf/cert/fuyuanshen.com.pem;
+        ssl_certificate_key /usr/local/nginx/conf/cert/fuyuanshen.com.key;
+
+        ssl_session_cache shared:SSL:1m;
+        ssl_session_timeout 5m;
+        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+        ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
+        ssl_prefer_server_ciphers on;
+
+        location / {
+            alias /usr/local/nginx/html/web/;
+            index index.html index.htm;
+        }
+
+        location /sys/ {
+            alias /usr/local/nginx/html/sys/;
+        }
+    }
+
+    # API 服务 HTTPS (解决原始问题)
+    server {
+        listen 443 ssl;
+        server_name api.fuyuanshen.com;
+
+        ssl_certificate /usr/local/nginx/conf/cert/fuyuanshen.com.pem;
+        ssl_certificate_key /usr/local/nginx/conf/cert/fuyuanshen.com.key;
+
+        ssl_session_cache shared:SSL:1m;
+        ssl_session_timeout 5m;
+        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+        ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
+        ssl_prefer_server_ciphers on;
+
+        location / {
+            proxy_pass http://localhost:8000/;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+}
\ No newline at end of file