script/www/note/nginx.conf

server {
    listen 80 ;
    listen 443 ssl http2 ;
    server_name note.sugarscat.cn;

    # acme.sh
    location ^~ /.well-known/acme-challenge {
        allow all;
        root /var/www/html;
    }
    # 重定向
    if ($scheme = http) {
        return 301 https://$host$request_uri;
    }

    # ssl 设置
    ssl_certificate /etc/nginx/ssl/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/privkey.pem;

    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    add_header Strict-Transport-Security "max-age=31536000";
    error_page 497 https://$host$request_uri;
    proxy_set_header X-Forwarded-Proto https;
    ssl_stapling on;
    ssl_stapling_verify on;

    root /var/www/note;
    index index.html;
    
    try_files $uri $uri.html $uri/ =404;

    error_page 404 /404.html;
    error_page 403 /404.html;

    location ~* ^/assets/ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }
}
docs(bash): 更新 Note网站的部署脚本和 Nginx 配置 - 新增 Git 仓库的 Nginx 配置文件和 README指南 - 更新 Note网站的 README，增加部署脚本和定时任务说明 - 新增 Note 网站的 Nginx 配置文件 2025-03-13 19:55:26 +08:00			`server {`
			`listen 80 ;`
			`listen 443 ssl http2 ;`
			`server_name note.sugarscat.cn;`

			`# acme.sh`
			`location ^~ /.well-known/acme-challenge {`
			`allow all;`
			`root /var/www/html;`
			`}`
			`# 重定向`
			`if ($scheme = http) {`
			`return 301 https://$host$request_uri;`
			`}`

			`# ssl 设置`
			`ssl_certificate /etc/nginx/ssl/fullchain.pem;`
			`ssl_certificate_key /etc/nginx/ssl/privkey.pem;`

			`ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;`
			`ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;`
			`ssl_prefer_server_ciphers on;`
			`ssl_session_cache shared:SSL:10m;`
			`ssl_session_timeout 10m;`
			`add_header Strict-Transport-Security "max-age=31536000";`
			`error_page 497 https://$host$request_uri;`
			`proxy_set_header X-Forwarded-Proto https;`
			`ssl_stapling on;`
			`ssl_stapling_verify on;`

			`root /var/www/note;`
			`index index.html;`

			`try_files $uri $uri.html $uri/ =404;`

			`error_page 404 /404.html;`
			`error_page 403 /404.html;`

			`location ~* ^/assets/ {`
			`expires 1y;`
			`add_header Cache-Control "public, immutable";`
			`}`
			`}`