# ============================================
# SSL/HTTPS 配置模板
# ============================================
# 申请证书后，将证书文件放入 nginx/ssl/ 目录
# 然后为每个域名添加对应的 server 块
# ============================================

# 示例：me.dxz99wyr.cn 的 HTTPS 配置
# server {
#     listen 443 ssl http2;
#     server_name me.dxz99wyr.cn;
#
#     ssl_certificate /etc/nginx/ssl/me.dxz99wyr.cn.crt;
#     ssl_certificate_key /etc/nginx/ssl/me.dxz99wyr.cn.key;
#
#     ssl_protocols TLSv1.2 TLSv1.3;
#     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
#     ssl_prefer_server_ciphers off;
#     ssl_session_cache shared:SSL:10m;
#     ssl_session_timeout 1d;
#
#     access_log /var/log/nginx/resume-web.access.log main;
#     error_log /var/log/nginx/resume-web.error.log warn;
#
#     location / {
#         proxy_pass http://resume-web:80;
#         proxy_http_version 1.1;
#         proxy_set_header Host $host;
#         proxy_set_header X-Real-IP $remote_addr;
#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#         proxy_set_header X-Forwarded-Proto $scheme;
#     }
# }
#
# # HTTP 自动跳转到 HTTPS
# server {
#     listen 80;
#     server_name me.dxz99wyr.cn;
#     return 301 https://$server_name$request_uri;
# }