一段完整的nginx反向代理apache并设置ssl证书代码

一段完整的nginx反向代理apache并设置ssl证书代码（强制跳转https）

1. server {
2. listen 80;
3. root /www/web/lib_tag/public_html;
4. server_name lib.tag www.lib.gg lib.gg;
5. rewrite ^(.*)$ https://$host$1 permanent;
6. index index.html index.php index.htm;
7. error_page 400 /errpage/400.html;
8. error_page 403 /errpage/403.html;
9. error_page 404 /errpage/404.html;
10. error_page 503 /errpage/503.html;
11. location ~ \.php$ {
12. proxy_pass http://127.0.0.1:88;
13. include naproxy.conf;
14. }
15. location ~ /\.ht {
16. deny all;
17. }
18. location / {
19. try_files $uri @apache;
20. }
21. location @apache {
22. internal;
23. proxy_pass http://127.0.0.1:88;
24. include naproxy.conf;
25. }
26. access_log logs/lib.tag_access.log wwwlogs;
27. }
28.  
29. server {
30. listen 443;
31. root /www/web/lib_tag/public_html;
32. ssl on;
33. ssl_certificate cert/lib.tag.crt;
34. ssl_certificate_key cert/lib.tag.key;
35. ssl_prefer_server_ciphers on;
36. ssl_session_timeout 10m;
37. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
38. ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
39. server_name lib.tag www.lib.gg lib.gg;
40. index index.html index.php index.htm;
41. error_page 400 /errpage/400.html;
42. error_page 403 /errpage/403.html;
43. error_page 404 /errpage/404.html;
44. error_page 503 /errpage/503.html;
45. location ~ \.php$ {
46. proxy_pass http://127.0.0.1:88;
47. include naproxy.conf;
48. }
49. location ~ /\.ht {
50. deny all;
51. }
52. location / {
53. try_files $uri @apache;
54. }
55. location @apache {
56. internal;
57. proxy_pass http://127.0.0.1:88;
58. include naproxy.conf;
59. }
60. access_log logs/lib.tag_accesss.log wwwlogs;
61. }