Nginx配置HTTPS反向代理

1, 一键配置nginx虚拟主机

#!/usr/bin/env bash

for domain in $(cat ./domains.txt);do
cat > /etc/nginx/conf.d/${domain}.conf <<-EOF
      server {
        listen       80;
        listen       443 ssl;
        server_name  ${domain};
        if (\$scheme = http) {
          return 301 https://\$host\$request_uri;
        }

        ssl_certificate     /etc/letsencrypt/live/${domain}/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/${domain}/privkey.pem;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        location / {
          proxy_pass http://192.168.22.22:8080;
          proxy_set_header Host \$host;
          proxy_set_header X-Real-IP \$remote_addr;
          proxy_set_header REMOTE-HOST \$remote_addr;
          proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto https;    # 这个可以强制把代理的请求转换成https.
        }
      }
EOF