配置好服务器网络配置

增加 docker 部署配置
This commit is contained in:
2025-08-01 16:05:41 +08:00
parent 6727d62272
commit ec2901da03
8 changed files with 248 additions and 149 deletions
+32
View File
@@ -0,0 +1,32 @@
# 基于 state 参数端口分发的 OAuth2 回调配置
# 1. 端口白名单映射(只允许指定端口)
map $arg_state $target_port {
default "";
~^login(51703)_ 51703;
~^login(51704)_ 51704;
~^login(51705)_ 51705;
~^login(51706)_ 51706;
~^login(51707)_ 51707;
~^login(51708)_ 51708;
}
# 2. 统一回调入口,根据 state 分发到对应端口
server {
listen 80;
server_name 10.79.97.17;
location /callback {
# 未匹配到允许端口直接返回 400
if ($target_port = "") {
return 400 "Invalid or unsupported state/port";
}
# 反向代理到本地对应端口的 /callback
proxy_pass http://10.79.97.17:$target_port/callback$is_args$args;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
+28
View File
@@ -0,0 +1,28 @@
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# 包含conf.d目录中的配置文件
include /etc/nginx/conf.d/*.conf;
}