# WebSocket 配置
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

upstream tornadoes {
    server 127.0.0.1:8000;
    server 127.0.0.1:8001;
    server 127.0.0.1:8002;
    server 127.0.0.1:8003;
}

server {
        listen 443;
        server_name wx.cn; # 改为绑定证书的域名

	#access_log  /var/log/nginx/https_wx_access.log  main;

        # ssl 配置
        ssl on;
        ssl_certificate wx_ssl/1_wx.coderr.cn_bundle.crt;
        ssl_certificate_key wx_ssl/2_wx.coderr.cn.key;

        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;

        # WebSocket 配置
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;

	# 静态文件的配置
        #location /static/ {
        #    root /tmp/pycharm_project_deploy/;
        #    if ($query_string) {
        #        expires max;
        #    }
        #}

        location / {

	  proxy_pass_header Server;
	  proxy_redirect off;
	  proxy_set_header X-Scheme $scheme;

          proxy_set_header X_FORWARDED_PROTO https;
	  proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	  real_ip_header X-Real-IP;
          #proxy_pass http://127.0.0.1:8000;
	  proxy_pass http://tornadoes;
        }
    }


#mqtt
# WebSocket 配置
map $http_upgrade $connection_upgrade {
	default upgrade;
	''      close;
}

server {
#SSL 访问端口号为 443
	listen 443 ssl;
#填写绑定证书的域名
	server_name wx.corr.cn;
#证书文件名称
	ssl_certificate /usr/local/openresty/nginx/conf/ssl/wx.coderr.cn_nginx/wx.corr.cn_bundle.crt;
#私钥文件名称
	ssl_certificate_key /usr/local/openresty/nginx/conf/ssl/wx.coderr.cn_nginx/wx.corr.cn.key;
	ssl_session_timeout 120m;
#请按照以下协议配置
	ssl_protocols TLSv1.2 TLSv1.3;
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
	ssl_prefer_server_ciphers on;

	location / {
#网站主页路径。此路径仅供参考,具体请您按照实际目录操作。
#例如,您的网站运行目录在/etc/www下,则填写/etc/www。
		root html;
		index  index.html index.htm;
	}

	location /mqtt {
		proxy_redirect off;
# 反向代理到 EMQ 非加密 WebSocket   ws
		proxy_pass http://127.0.0.1:8083;

		proxy_set_header Host $host;
		proxy_set_header X-Real_IP $remote_addr;
		proxy_set_header X-Forwarded-For $remote_addr:$remote_port;

# WebSocket 额外请求头
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection $connection_upgrade;
	}
}

备份地址: 【小程序的nginx配置