server {
# 服务器端口使用443，开启ssl, 这里ssl就是上面安装的ssl模块
    listen 80;
	listen 443 ssl http2;
#    listen [::]:80;
#    listen [::]:443 ssl http2;
# 域名，多个以空格分开
    server_name  xxx.xxx.com;
    index index.php index.html index.htm default.php default.htm default.html;
    root /usr/share/nginx/html;
    
#SSL-START SSL相关配置，请勿删除或修改下一行带注释的404规则
    #error_page 404/404.html;
    #HTTP_TO_HTTPS_START
    if ($server_port !~ 443){
        rewrite ^(/.*)$ https://$host$1 permanent;
    }
#HTTP_TO_HTTPS_END
    ssl_certificate        /etc/nginx/xxx.com.crt;
    ssl_certificate_key    /etc/nginx/xxx.com.key;
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    add_header Strict-Transport-Security "max-age=31536000";
    error_page 497  https://$host$request_uri;
#SSL-END

#PHP_START
#	include enable-php.conf;
	location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
    }
#PHP_END

#AUTOINDEX_START
#	autoindex on;
#	autoindex_exact_size off;
#	autoindex_localtime on;
#	charset utf-8,gbk;
#AUTOINDEX_STOP
	
#CR_START
#	location / {
#	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#	proxy_set_header Host $http_host;
#	proxy_redirect off;
#	proxy_pass http://127.0.0.1:5212;
#	}
#CR_STOP
	
#V2RAY_START
#	location /666/ {
#	if ($http_upgrade != "websocket") {
#        return 404;
#    }
#    proxy_redirect off;
#    proxy_pass http://127.0.0.1:54621; 
#    proxy_http_version 1.1;
#    proxy_set_header Upgrade $http_upgrade;
#    proxy_set_header Connection "upgrade";
#    proxy_set_header Host $host;
    # Show real IP in v2ray access.log
#    proxy_set_header X-Real-IP $remote_addr;
#    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#	}
#V2RAY_STOP

#PROXY-START
#	location  ~* \.(gif|png|jpg|css|js|woff|woff2)$
#	{
#    proxy_pass http://127.0.0.1:8000;
#    proxy_set_header Host $host;
#    proxy_set_header X-Real-IP $remote_addr;
#    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#    proxy_set_header REMOTE-HOST $remote_addr;
#    expires 12h;
#	}
#	location /
#	{
#    proxy_pass http://127.0.0.1:8000;
#    proxy_set_header Host $host;
#    proxy_set_header X-Real-IP $remote_addr;
#    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#    proxy_set_header REMOTE-HOST $remote_addr;
#    
#    add_header X-Cache $upstream_cache_status;
#    
#    #Set Nginx Cache
#    
#    	add_header Cache-Control no-cache;
#	}
#	
#	location / {
#        proxy_pass http://127.0.0.1:23333;
#        proxy_redirect      off;
#        proxy_http_version  1.1;
#        proxy_set_header    Host $http_host;
#        proxy_set_header    Upgrade $http_upgrade;
#        proxy_set_header    Connection "upgrade";
#    }
#PROXY-END
}