AI-Agent
/
kvm-manager


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657
							upstream kvm_backend {
    server 127.0.0.1:8004;
}

upstream kvm_frontend {
    # 前端机器 IP，根据实际情况修改
    server 172.16.30.94:8006;
}

server {
    listen 80;
    server_name _;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name _;

    # 自签名 SSL 证书（内网用）
    ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    # 静态文件代理到前端机器
    location / {
        proxy_pass http://kvm_frontend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    # API 代理到后端
    location /api/ {
        proxy_pass http://kvm_backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_read_timeout 300s;
    }

    # 健康检查
    location /health {
        proxy_pass http://kvm_backend;
    }

    # WebSocket (VNC 控制台)
    location /ws/ {
        proxy_pass http://kvm_backend;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 3600s;
        proxy_send_timeout 3600s;
    }
}