# ============================================================================= # MinIO Nginx 配置 (HTTP 版本) # ============================================================================= # # 功能: # - MinIO API 反向代理 (S3 兼容) # - MinIO Console 反向代理 # - 静态资源 CDN 缓存 # # 安装步骤: # 1. sudo ./install.sh # 安装此配置 # 2. sudo ./install.sh --ssl # 使用 certbot 添加 SSL (可选) # # 注意: SSL 配置将由 certbot 自动添加到此文件 # # ============================================================================= # 上游服务器定义 upstream minio_api { server 127.0.0.1:9000; keepalive 32; } upstream minio_console { server 127.0.0.1:9001; keepalive 32; } # ============================================================================= # MinIO API (S3 兼容) - minio.szaiai.com # ============================================================================= server { listen 80; listen [::]:80; server_name minio.szaiai.com; # 日志 access_log /var/log/nginx/minio.szaiai.com.access.log; error_log /var/log/nginx/minio.szaiai.com.error.log; # 客户端配置 client_max_body_size 100M; client_body_buffer_size 128k; client_body_timeout 300s; # 代理缓冲配置 proxy_buffering off; proxy_request_buffering off; # MinIO API 代理 location / { proxy_pass http://minio_api; proxy_http_version 1.1; # 保持连接 proxy_set_header Connection ""; # 必要的头部 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # S3 特定头部 proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # 超时配置 proxy_connect_timeout 60s; proxy_send_timeout 300s; proxy_read_timeout 300s; # WebSocket 支持 proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } # ============================================================================= # MinIO Console - console.minio.szaiai.com # ============================================================================= server { listen 80; listen [::]:80; server_name console.minio.szaiai.com; # 日志 access_log /var/log/nginx/console.minio.access.log; error_log /var/log/nginx/console.minio.error.log; # MinIO Console 代理 location / { proxy_pass http://minio_console; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # WebSocket 支持 (Console 实时功能) proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # 超时配置 proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; } } # ============================================================================= # CDN 静态资源 - cdn.szaiai.com # ============================================================================= # 用于公开访问的静态资源 (头像、资源文件等) # ============================================================================= server { listen 80; listen [::]:80; server_name cdn.szaiai.com; # 日志 access_log /var/log/nginx/cdn.szaiai.com.access.log; error_log /var/log/nginx/cdn.szaiai.com.error.log; # 公开存储桶 - avatars location /avatars/ { proxy_pass http://minio_api/avatars/; proxy_http_version 1.1; proxy_set_header Connection ""; # 缓存头部 add_header Cache-Control "public, max-age=604800"; # CORS 配置 add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS"; } # 公开存储桶 - resources location /resources/ { proxy_pass http://minio_api/resources/; proxy_http_version 1.1; proxy_set_header Connection ""; # 缓存头部 add_header Cache-Control "public, max-age=604800"; # CORS 配置 add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS"; } # 默认拒绝其他路径 location / { return 403; } }