server {
    listen  443 ssl;
    server_name  localhost;

    #设置长连接
    keepalive_timeout  70;

    #HSTS策略
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    #证书文件
    ssl_certificate  /etc/ssl/certs/server.pem;
    #私钥文件
    ssl_certificate_key /etc/ssl/certs/server.key;

    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    #减少点击劫持
    add_header X-Frame-Options DENY;
    #禁止服务器自动解析资源类型
    add_header X-Content-Type-Options nosniff;
    #防XSS攻击
    add_header X-Xss-Protection 1;
    
    index  index.html;
    client_max_body_size 100M;

    location / {
        root /usr/share/nginx/html;
        try_files $uri $uri/ @router;
        index index.html;
    }

    location @router {
        root /usr/share/nginx/html;
        rewrite ^.*$ /index.html last;
    }

    location /index.html {
        root /usr/share/nginx/html;
        rewrite ^ /index.html break;
    }

    location ^~ /location {
        root /usr/share/nginx/html;
        include uwsgi_params;
        proxy_set_header real-ip $remote_addr;
        proxy_pass http://127.0.0.1:80;
    }
}