# CyberVerse static frontend + API/WebSocket reverse proxy for www.cyberverse.cc # # HTTPS: this file MUST include a listen 443 block; otherwise https:// requests # are handled by nginx's default SSL vhost ("Welcome to nginx!"). # Adjust ssl_certificate paths if you use Aliyun-uploaded certs (e.g. under /etc/nginx/ssl/). # # root: nginx runs as www-data and cannot read paths under /home/root-only dirs unless # permissions allow. Prefer deploying dist to e.g. /var/www/cyberverse-cc (see operations doc). server { listen 80; server_name www.cyberverse.cc cyberverse.cc; root /var/www/cyberverse-cc; index index.html; client_max_body_size 100m; location /api/ { proxy_pass http://127.0.0.1:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /ws/ { proxy_pass http://127.0.0.1:8080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_read_timeout 3600s; } location / { try_files $uri $uri/ /index.html; } } server { listen 443 ssl http2; server_name www.cyberverse.cc cyberverse.cc; ssl_certificate /etc/letsencrypt/live/www.cyberverse.cc/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.cyberverse.cc/privkey.pem; root /var/www/cyberverse-cc; index index.html; client_max_body_size 100m; location /api/ { proxy_pass http://127.0.0.1:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /ws/ { proxy_pass http://127.0.0.1:8080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; proxy_read_timeout 3600s; } location / { try_files $uri $uri/ /index.html; } }