nginx域名配置——微信小程序访问后台地址的域名配置_微信小程序设置访问地址

场景说明：

前后端分离版的项目，微信小程序发布后，向后台请求数据时访问后台地址失败，后台地址需要https以及域名，不能直接使用ip地址，因此需要做java后台地址的域名映射。

解决方案：

1、前置准备：域名申请和备案，以及安全证书（此处不进行赘述，网上有很多例子）
2、nginx配置（注意看注释说明）
【http://localhost:8075/】是java后台提供的端口号，该地址是最终所有ip的指向（前端请求后台数据需要用的ip）
域名：xxx.xxxxx.net

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    server {
        listen       81;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   html;
            index  index.html index.htm;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    #PC端网页域名映射ssl认证,网站地址栏可以输入：https://xxx.xxxxx.net:8077 /  进行网站访问
    server {
        listen       8077 ssl;
        server_name  xxx.xxxxx.net;  #域名

        #安全证书配置
        ssl_certificate D:\xxx\key\xxx.pem;
        ssl_certificate_key   D:\xxx\key\xxx.key;
 
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
 
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
		
        location / {
            root   work/xxx;  #前端资源
	        try_files $uri $uri/ /index.html;
            index  index.html index.htm;
        }
 	   location /prod-api/ {
            proxy_set_header Host $http_host;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header REMOTE-HOST $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            #此处地址需要替换成被代理后的地址（https）
			proxy_pass https://localhost:8074 /;
        }
   }
   
   #域名映射java后台提供的地址，微信小程序进行访问该域名，拿到后台数据
   server {
        #443或80，既访问该域名默认的端口号，
        #原因：在微信小程序设置请求接口的域名（服务器域名设置）时，不能加端口号
        #（现在发现可以加端口号了,因此可以直接采用映射好的8074。。。240205）
        #因此：小程序访问后台的地址直接填写该域名（xxx.xxxxx.net）不加端口号，与小程序设置要求一致
        listen       443 ssl;    
        server_name  xxx.xxxxx.net;  #域名
         
        #安全证书配置
        ssl_certificate D:\xxx\key\xxx.pem;
        ssl_certificate_key   D:\xxx\key\xxx.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
                #注意https
                proxy_pass https://localhost:8074 /;
        }
   }

 #代理后台地址
  server {
        listen       8074 ssl;
        server_name  xxx.xxxxx.net;  #域名
        #安全证书
        ssl_certificate D:\xxx\key\xxx.pem;
        ssl_certificate_key   D:\xxx\key\xxx.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
              #后台地址
              proxy_pass http://localhost:8075/;
        }
   }

}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126

3、注意事项，服务器需在防火墙开放相关端口号允许外部访问，如配置文档中的8077、443端口号
端口扫码网站：https://www.matools.com/port

240205 现在发现可以加端口号了，补充简洁版：

#user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;
    client_max_body_size 0;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    add_header Content-Security-Policy "script-src * 'unsafe-inline' 'unsafe-eval'";

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    gzip  on;
    gzip_min_length 2k;
    gzip_types text/css application/javascript text/javascript image/jpeg image/png image/gif application/x-javascript;
    gzip_vary on;
    gzip_http_version 1.1; 
    gzip_proxied any;   
 	
    server {
        listen      8077 ssl;
        server_name  域名;

        ssl_certificate      D:\xxx\域名.crt;
        ssl_certificate_key  D:\xxx\域名.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
            root   work/xxxx/web;  #前端资源
	        try_files $uri $uri/ /index.html;
            index  index.html index.htm;
        }
        location /prod-api/ {
                proxy_set_header Host $http_host;
	            proxy_set_header X-Real-IP $remote_addr;
	            proxy_set_header REMOTE-HOST $remote_addr;
	            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	            proxy_pass http://localhost:18010/;
        }
		
    }
    #代理后台地址（提供类小程序访问和微信公众平台配置，需开放该端口号）
  server {
        listen       8074 ssl;
        server_name  域名;

        ssl_certificate      D:\xxx\域名.crt;
        ssl_certificate_key  D:\xxx\域名.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
           proxy_pass http://localhost:8075/;
        } 
   }

}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87