nginx.conf

worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    autoindex off;
    tcp_nopush on;
    charset UTF-8;
    keepalive_timeout  120;

    server_tokens off;
    proxy_hide_header X-Powered-By;

    upstream tronService {
        server tronapi-service:7001 weight=2 fail_timeout=3000s;
    }

    upstream docService {
        server tronapi-doc:8080 weight=2 fail_timeout=3000s;
    }

    upstream portainerService {
        server portainer-service:9000 weight=2 fail_timeout=3000s;
    }

    upstream sequelizeService {
        server phpmyadmin:80 weight=2 fail_timeout=3000s;
    }

    server {
        listen       80;
        
        # listen 443 ssl http2; 

        server_name  pro.tronapi.com;
        location / {
            root  /usr/share/nginx/web;
            index index.html;
            try_files $uri $uri/ /index.html;
            add_header X-Frame-Options "DENY";
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Content-Type-Options "nosniff";
        }

        location ~ ^/(invoke|api|public)/ {
            proxy_pass http://tronService;
            proxy_send_timeout 1800;
            proxy_read_timeout 1800;
            proxy_connect_timeout 1800;
            proxy_http_version 1.1;  
            proxy_set_header Upgrade $http_upgrade;  
            proxy_set_header Connection "Upgrade"; 
            proxy_set_header  Host              $http_host;
            proxy_set_header  X-Real-IP         $remote_addr;
            proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
            proxy_set_header  X-Forwarded-Proto $scheme;   
        }

        error_page   500 502 503 504  /50x.html;

        gzip on;
        gzip_min_length 1k;
        gzip_comp_level 6;
        gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/xml text/javascript application/json image/png image/gif image/jpeg;
        gzip_vary on;
        gzip_buffers 4 16k;

        # 以下配置添加 https 相关证书信息

        # ssl_certificate /etc/letsencrypt/live/www.greenyep.com/fullchain.pem; # managed by Certbot
        # ssl_certificate_key /etc/letsencrypt/live/www.greenyep.com/privkey.pem; # managed by Certbot
        # include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

        location = /50x.html {
            root   html;
        }
        if ($http_user_agent ~* (Scrapy|Curl|HttpClient|Wget)) {
            return 444;
        }
        if ($http_user_agent ~ "FeedDemon|JikeSpider|Indy Library|Alexa Toolbar|AskTbFXTV|AhrefsBot|CrawlDaddy|CoolpadWebkit|Java|Feedly|UniversalFeedParser|ApacheBench|Microsoft URL Control|Swiftbot|ZmEu|oBot|jaunty|Python-urllib|lightDeckReports Bot|YYSpider|DigExt|YisouSpider|HttpClient|MJ12bot|heritrix|EasouSpider|LinkpadBot|Ezooms|^$" )
        {
            return 444;
        }
        if ($request_method !~ ^(GET|HEAD|POST)$) {
            return 444;
        }
    }

    server {
        listen       80;
        
        # listen 443 ssl http2; 

        server_name  doc.tronapi.com;
        location / {
            proxy_pass http://docService;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   Host      $http_host;
        }

        error_page   500 502 503 504  /50x.html;

        gzip on;
        gzip_min_length 1k;
        gzip_comp_level 6;
        gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/xml text/javascript application/json image/png image/gif image/jpeg;
        gzip_vary on;
        gzip_buffers 4 16k;

        # 以下配置添加 https 相关证书信息

        # ssl_certificate /etc/letsencrypt/live/www.greenyep.com/fullchain.pem; # managed by Certbot
        # ssl_certificate_key /etc/letsencrypt/live/www.greenyep.com/privkey.pem; # managed by Certbot
        # include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

        location = /50x.html {
            root   html;
        }
        if ($http_user_agent ~* (Scrapy|Curl|HttpClient|Wget)) {
            return 444;
        }
        if ($http_user_agent ~ "FeedDemon|JikeSpider|Indy Library|Alexa Toolbar|AskTbFXTV|AhrefsBot|CrawlDaddy|CoolpadWebkit|Java|Feedly|UniversalFeedParser|ApacheBench|Microsoft URL Control|Swiftbot|ZmEu|oBot|jaunty|Python-urllib|lightDeckReports Bot|YYSpider|DigExt|YisouSpider|HttpClient|MJ12bot|heritrix|EasouSpider|LinkpadBot|Ezooms|^$" )
        {
            return 444;
        }
        if ($request_method !~ ^(GET|HEAD|POST)$) {
            return 444;
        }
    }

    server {
        listen       80;
        server_name  portainer.tronapi.com;
        location / {
            proxy_pass http://portainerService;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   Host      $http_host;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
        if ($http_user_agent ~* (Scrapy|Curl|HttpClient|Wget)) {
            return 444;
        }
        if ($http_user_agent ~ "FeedDemon|JikeSpider|Indy Library|Alexa Toolbar|AskTbFXTV|AhrefsBot|CrawlDaddy|CoolpadWebkit|Java|Feedly|UniversalFeedParser|ApacheBench|Microsoft URL Control|Swiftbot|ZmEu|oBot|jaunty|Python-urllib|lightDeckReports Bot|YYSpider|DigExt|YisouSpider|HttpClient|MJ12bot|heritrix|EasouSpider|LinkpadBot|Ezooms|^$" )
        {
            return 444;
        }
        if ($request_method !~ ^(GET|HEAD|POST)$) {
            return 444;
        }
    }

    server {
        listen       80;
        server_name  sequelize.tronapi.com;
        location / {
            proxy_pass http://sequelizeService;
            proxy_set_header   X-Real-IP $remote_addr;
            proxy_set_header   Host      $http_host;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
        if ($http_user_agent ~* (Scrapy|Curl|HttpClient|Wget)) {
            return 444;
        }
        if ($http_user_agent ~ "FeedDemon|JikeSpider|Indy Library|Alexa Toolbar|AskTbFXTV|AhrefsBot|CrawlDaddy|CoolpadWebkit|Java|Feedly|UniversalFeedParser|ApacheBench|Microsoft URL Control|Swiftbot|ZmEu|oBot|jaunty|Python-urllib|lightDeckReports Bot|YYSpider|DigExt|YisouSpider|HttpClient|MJ12bot|heritrix|EasouSpider|LinkpadBot|Ezooms|^$" )
        {
            return 444;
        }
        if ($request_method !~ ^(GET|HEAD|POST)$) {
            return 444;
        }
    }

    # 以下两个 server 的配置，将 http 请求重定向到 https 的请求 

    # server {
    #     if ($host = doc.tronapi.com) {
    #         return 301 https://$host$request_uri;
    #     }

    #     server_name  doc.tronapi.com;
    #     listen 80;
    #     return 404; 
    # }

    # server {
    #     if ($host = pro.tronapi.com) {
    #         return 301 https://$host$request_uri;
    #     }
    #     server_name  pro.tronapi.com;
    #     listen 80;
    #     return 404;
    # }

    # include servers/*;
}