update nginx

Dockerfile

+FROM nginx:alpine
+
+LABEL maintainer="Mahmoud Zalt <mahmoud@zalt.me>"
+
+# If you're in China, or you need to change sources, will be set CHANGE_SOURCE to true in .env.
+
+ARG CHANGE_SOURCE=true
+RUN if [ ${CHANGE_SOURCE} = true ]; then \
+    # Change application source from dl-cdn.alpinelinux.org to aliyun source
+    sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/' /etc/apk/repositories \
+;fi
+
+RUN apk update \
+    && apk upgrade \
+    && apk add --no-cache openssl \
+    && apk add --no-cache bash \
+    && adduser -D -H -u 1000 -s /bin/bash www
+
+# Set upstream conf and remove the default conf
+RUN rm /etc/nginx/conf.d/default.conf
+
+RUN mkdir /etc/nginx/upstreams && mkdir /etc/nginx/res
+
+COPY ./nginx.conf /etc/nginx/
+COPY ./upstreams/* /etc/nginx/upstreams/
+COPY ./res/* /etc/nginx/res/
+COPY ./ssl/* /etc/nginx/ssl/
+COPY ./sites_online/* /etc/nginx/sites-available/
+
+ADD ./startup.sh /opt/startup.sh
+RUN sed -i 's/\r//g' /opt/startup.sh
+CMD ["/bin/bash", "/opt/startup.sh"]
+
+EXPOSE 80 443

nginx.conf

+user www;
+worker_processes 4;
+daemon off;
+
+pid /run/nginx.pid;
+
+#Specifies the value for maximum file descriptors that can be opened by this process. 
+worker_rlimit_nofile 65535;
+
+events {
+    use epoll;
+    multi_accept on;
+    worker_connections 65535;
+}
+
+http {
+    server_tokens off;
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 60;
+    types_hash_max_size 2048;
+    client_max_body_size 20M;
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+
+    charset UTF-8;
+
+    server_names_hash_bucket_size 128;
+    client_header_buffer_size 32k;
+    large_client_header_buffers 4 32k;
+
+    include /etc/nginx/res/slb_ip_list.conf;
+    real_ip_header X-Forwarded-For;
+
+    gzip on;
+    gzip_min_length 1k;
+    gzip_disable "msie6";
+    gzip_buffers 4 16k;
+    gzip_http_version 1.0;
+    gzip_comp_level 2;
+    gzip_types text/plain application/x-javascript text/css application/xml;
+    gzip_vary on;
+#limit_zone crawler $binary_remote_addr 10m;
+
+    log_format '$remote_addr - $remote_user [$time_local] - $server_addr "$request" '
+        '$status $body_bytes_sent "$http_referer" '
+        '"$http_user_agent" "$http_x_forwarded_for"';
+
+    log_format access '{"@timestamp":"$time_iso8601",'
+        '"host":"$server_addr",'
+        '"clientip":"$remote_addr",'
+        '"size":"$body_bytes_sent" ,'
+        '"respnsetime":"$request_time",'
+        '"upstremtime":"$upstream_response_time",'
+        '"httphost":"$host",'
+        '"referer":"$http_referer",'
+        '"xff":"$http_x_forwarded_for",'
+        '"agent":"$http_user_agent",'
+        '"request":"$request",'
+        '"uri":"$uri",'
+        '"status":"$status"}';
+
+    log_format access_body '{"@timestamp":"$time_iso8601",'
+        '"host":"$server_addr",'
+        '"clientip":"$remote_addr",'
+        '"size":"$body_bytes_sent",'
+        '"body":"$request_body",'
+        '"respnsetime":"$request_time",'
+        '"upstremtime":"$upstream_response_time",'
+        '"httphost":"$host",'
+        '"referer":"$http_referer",'
+        '"xff":"$http_x_forwarded_for",'
+        '"agent":"$http_user_agent",'
+        '"request":"$request",'
+        '"uri":"$uri",'
+        '"status":"$status"}';
+
+    include /etc/nginx/upstreams/*.conf;
+    include /etc/nginx/sites-available/*.conf;
+}

res/fxqifu.com.key

+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAukuMadOS9ryMnzu1H3KRwTZLhlvMAB9VWUTv8pJW4sFyhOkx
+y5VohbGaS+ebpULtuPJ4GoPdco6jcuiuMkdhY3ccMO4g+Zl6Sz7sB+kOkbYzrbFu
+Uq/AvHCOLogwllkckerBuhlIAFvkjgVKC0iY5coqWmYX700EBUT7lZNifb3b/xiw
+WQz+rCtrmAkuv0mTwbXufRZOb3eNONkwAz9ohL7fEVCZP7HzeIaav/AMqmwMnkH+
+orD00yOC5MAuI24edmQnN+ytz04mO6YG0+Z3eOw8VI+7mCn2Alwyhsz3PT+NfdCx
+tCqxEdvfQbjGAdh8rVEZtyIJTzlQl1sajMnECQIDAQABAoIBAQCGr1n7pJfqxJRS
+BuPCsZ0I+A0QPUu2hvC4kmt7jys70ynNR57VldY0Whu4ZuETUNj3Tm1glhdC3Db1
+O529Afg55gI+qdqzOa+9uOcCLQ94bybbm5ysMR6B3kodAB9Ig3JxWCzpM5/niogp
+2U8X60uHTmriYk9Jlf+jI6VUFXMufhlc9/tFcNz+YvyXRQvyesM/ate/3GW4CHiM
+lKf8nMIIBcjx7eENHfJi1a//AEUFLhlTaoTXU4NeGKC2HKFh9tDr1oFaOl+62Yv8
+Qp1Zpe3kOGnXjq4d4ePbSO7EHHb8Yg4PBh+URRklPcxHQ2gPqThhJ9spdm+iCMk5
+keFjyPiVAoGBAOvGjsL2ZqfPXwqCcpJ+u8KUfCY5yfdPmJDrmcjoIWhHvW0kc6H9
+bda+roErkZM4P0yspTmyzHs9CH3Uv2cAYRXmRa0tW1Z1Z1ZKyMuiIj3F/NbtqfP+
++kxA7z9GfK7OvchovG7EkBvwCtLt54eOnmqILwuIZRWRcPKhIn0z9j9LAoGBAMpG
+cFkf3iqP1oa1ogEPBU/AguJUH1SDNE/oWy0zTs7o9nuEYtd72JAFnvbJLpkknSxB
+UYPIdDlCnkawWgnP73J642j1WgJcUhcEvRXedh3XGereA9EYBZSaEjpdiup2ndox
+BGJY0B/G4l4NkbKIjQ40SCO2O0Yie1GXptYUlDF7AoGBAMnmkXAAwq2nFdMRG/25
+Cx44Owwc5oeioJpRNrLlnV4IOP1SfrbUJ5ACX7r7TUENpJ8LJL4BD7vk6vWeDn2s
+xHaVZ0tCEPo7tU8e4U4HvFy7w6VlhekMithrrrS3rqOfJMOOdPZB2sohx5MS6Pab
+OasujWLJ3Q4YKumK9NbUfWV7AoGASwJqATLnISNr61KJvBjE4HlEUAfgAmgRSxyg
+Sxe+vs33MYC7YqtDeM0M0Plz9Uh1nIawYs1ABEfnB9G34fGhGvPlRvPNKBjyPCT+
+tZBkftZYfxdLlQtyblPgNJKhxCaujM4mkQ3cSBxpr3UatXkbzcungM7AFlcNIgm5
+zaOd/OcCgYAw7ErMiyFSLJp/d/+lbWBT0if/3V/5w3y8u+bhKCmRqU/L8Jgg0tzr
+Ubza2bc9hR/N7ioqg99lJ3gaGSlNP+4XQFmPMrbl/bWfWTpYuQDGZbF5v87HTQA4
+TP3Z4z3Mty9cV5ICaZZxvR2QNzKZGMqg/ufkrlmaWJwuTohrYNke7g==
+-----END RSA PRIVATE KEY-----
\ No newline at end of file

res/fxqifu.com.pem

+-----BEGIN CERTIFICATE-----
+MIIFsDCCBJigAwIBAgIQBzIfMob0qgobbN06iFfRZDANBgkqhkiG9w0BAQsFADBe
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRSYXBpZFNTTCBSU0EgQ0EgMjAxODAe
+Fw0xODA4MDYwMDAwMDBaFw0xOTExMDUxMjAwMDBaMBcxFTATBgNVBAMMDCouZnhx
+aWZ1LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALpLjGnTkva8
+jJ87tR9ykcE2S4ZbzAAfVVlE7/KSVuLBcoTpMcuVaIWxmkvnm6VC7bjyeBqD3XKO
+o3LorjJHYWN3HDDuIPmZeks+7AfpDpG2M62xblKvwLxwji6IMJZZHJHqwboZSABb
+5I4FSgtImOXKKlpmF+9NBAVE+5WTYn292/8YsFkM/qwra5gJLr9Jk8G17n0WTm93
+jTjZMAM/aIS+3xFQmT+x83iGmr/wDKpsDJ5B/qKw9NMjguTALiNuHnZkJzfsrc9O
+JjumBtPmd3jsPFSPu5gp9gJcMobM9z0/jX3QsbQqsRHb30G4xgHYfK1RGbciCU85
+UJdbGozJxAkCAwEAAaOCAq8wggKrMB8GA1UdIwQYMBaAFFPKF1n8a8ADIS8aruSq
+qByCVtp1MB0GA1UdDgQWBBRl6tWdgnQ46m4QtiRMjyW+1BtvkjAjBgNVHREEHDAa
+ggwqLmZ4cWlmdS5jb22CCmZ4cWlmdS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHR8ENzA1MDOgMaAvhi1odHRw
+Oi8vY2RwLnJhcGlkc3NsLmNvbS9SYXBpZFNTTFJTQUNBMjAxOC5jcmwwTAYDVR0g
+BEUwQzA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln
+aWNlcnQuY29tL0NQUzAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMCYGCCsGAQUF
+BzABhhpodHRwOi8vc3RhdHVzLnJhcGlkc3NsLmNvbTA9BggrBgEFBQcwAoYxaHR0
+cDovL2NhY2VydHMucmFwaWRzc2wuY29tL1JhcGlkU1NMUlNBQ0EyMDE4LmNydDAJ
+BgNVHRMEAjAAMIIBAwYKKwYBBAHWeQIEAgSB9ASB8QDvAHYApLkJkLQYWBSHuxOi
+zGdwCjw1mAT5G9+443fNDsgN3BAAAAFlDmBOPgAABAMARzBFAiEAzPrGUew5tKKg
+eB4Mmnb4Up7OkQFwHeWHNbvZyPLgCH8CIHjXHEMILhUp/KVopXJAhZVLsM4AkvzJ
+6RYQdVjd6q6ZAHUAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFl
+DmBPBgAABAMARjBEAiBfRaRC7eDGSCIPdgf9JmMJTYYLqX+lh5RxIibYWHiZ5QIg
+YJNu7FJlayoEzmoD4zcBL0w5DwUzKc8bkEmN5RGutOYwDQYJKoZIhvcNAQELBQAD
+ggEBAORMXtz1IbamplMW3FVn5M5v/Dv/wiG4xxDgvDm6HZlQLuOZsJGeEizBsNgN
+o2eECeM18z0fPLLFbw5a9JDlh2ySU5SQ3Q/L2MtIKpaU91VK67btKUhOSy8aryVZ
+tSa+QAYXbDoe2Y39T9XXWeuLuHDAIpXBRLLfDr3fpfHJsI4wN4NvmKnMvhG7XS6j
+eAa1bNpXmzyUr+GjpIE1XwaOVzVccfMOfCAbOirGwjaJCEzZAjjpVnfn+dXckd6q
+mMW8vA6YE0YPTLo59pi/FDWjlhPvAJhi+D+cV4x/rXyaXmE6wVJEe7mQB5ZNVSFG
+peJISE6kWy7K6gMKrh3IsdJZFf0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEsTCCA5mgAwIBAgIQCKWiRs1LXIyD1wK0u6tTSTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzExMDYxMjIzMzNaFw0yNzExMDYxMjIzMzNaMF4xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHTAbBgNVBAMTFFJhcGlkU1NMIFJTQSBDQSAyMDE4MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA5S2oihEo9nnpezoziDtx4WWLLCll/e0t1EYemE5n
++MgP5viaHLy+VpHP+ndX5D18INIuuAV8wFq26KF5U0WNIZiQp6mLtIWjUeWDPA28
+OeyhTlj9TLk2beytbtFU6ypbpWUltmvY5V8ngspC7nFRNCjpfnDED2kRyJzO8yoK
+MFz4J4JE8N7NA1uJwUEFMUvHLs0scLoPZkKcewIRm1RV2AxmFQxJkdf7YN9Pckki
+f2Xgm3b48BZn0zf0qXsSeGu84ua9gwzjzI7tbTBjayTpT+/XpWuBVv6fvarI6bik
+KB859OSGQuw73XXgeuFwEPHTIRoUtkzu3/EQ+LtwznkkdQIDAQABo4IBZjCCAWIw
+HQYDVR0OBBYEFFPKF1n8a8ADIS8aruSqqByCVtp1MB8GA1UdIwQYMBaAFAPeUDVW
+0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQo
+MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8E
+OzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9i
+YWxSb290Q0EuY3JsMGMGA1UdIARcMFowNwYJYIZIAYb9bAECMCowKAYIKwYBBQUH
+AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCwYJYIZIAYb9bAEBMAgG
+BmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcNAQELBQADggEBAH4jx/LKNW5ZklFc
+YWs8Ejbm0nyzKeZC2KOVYR7P8gevKyslWm4Xo4BSzKr235FsJ4aFt6yAiv1eY0tZ
+/ZN18bOGSGStoEc/JE4ocIzr8P5Mg11kRYHbmgYnr1Rxeki5mSeb39DGxTpJD4kG
+hs5lXNoo4conUiiJwKaqH7vh2baryd8pMISag83JUqyVGc2tWPpO0329/CWq2kry
+qv66OSMjwulUz0dXf4OHQasR7CNfIr+4KScc6ABlQ5RDF86PGeE6kdwSQkFiB/cQ
+ysNyq0jEDQTkfa2pjmuWtMCNbBnhFXBYejfubIhaUbEv2FOQB3dCav+FPg5eEveX
+TVyMnGo=
+-----END CERTIFICATE-----

res/fxqifu.com_cert.conf

+#ssl on;
+ssl_certificate /etc/nginx/res/fxqifu.com.pem;
+ssl_certificate_key /etc/nginx/res/fxqifu.com.key;
+ssl_session_timeout 5m;
+ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ssl_prefer_server_ciphers on;

res/htpasswd

+fxqifu-xhgui:8z/V6DFUHtLV.

res/php-fpm-73.conf

+location / {
+	try_files $uri $uri/ /index.php$is_args$args;
+}
+
+location ~ \.php$ {
+	fastcgi_pass php-73-upstream;
+	fastcgi_index index.php;
+	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+	#fastcgi_param TIDEWAYS_SAMPLERATE "100";
+        #fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/back-end/php-xhgui/external/header.php"; 
+	include fastcgi_params;
+}

res/php-fpm-xhprof.conf

+location / {
+	try_files $uri $uri/ /index.php$is_args$args;
+}
+
+location ~ \.php$ {
+	fastcgi_pass php-upstream;
+	fastcgi_index index.php;
+	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+	fastcgi_param TIDEWAYS_SAMPLERATE "100";
+        fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/back-end/php-xhgui/external/header.php"; 
+	include fastcgi_params;
+}

res/php-fpm.conf

+location / {
+	try_files $uri $uri/ /index.php$is_args$args;
+}
+
+location ~ \.php$ {
+	fastcgi_pass php-upstream;
+	fastcgi_index index.php;
+	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+	include fastcgi_params;
+}

res/slb_ip_list.conf

+set_real_ip_from 100.116.239.0/25;

res/static_resource.conf

+location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|svg|ico)$ {
+    access_log off;
+    expires 30d;
+}
+
+location ~ .*\.(js|css)?$ {
+    access_log off;
+    expires 1h;
+}
+
+location ~ .*\.(woff|woff2)?$ {
+    access_log off;
+    expires 10d;
+}

res/strict_web_cors.conf

+add_header Access-Control-Allow-Origin $http_origin always;
+add_header Access-Control-Allow-Methods GET,POST,OPTIONS,PATCH,PUT,DELETE always;
+add_header Access-Control-Allow-Credentials true always;
+add_header Access-Control-Allow-Headers Authorization,Token,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,welfare-token,fx-token,walking-token,withcredentials always;
+add_header Access-Control-Max-Age 1728000 always;
+
+if ($request_method = OPTIONS) {
+    #if ($http_origin !~ (\.fxqifu\.com\.cn$)|(\.fxqifu\.com$)) {
+    #    return 403;
+    #}
+    return 204;
+}

sites/gitlab-sync.fxqifu.com.cn.conf

+server {
+	listen 80;
+	server_name gitlab-sync.fxqifu.com.cn;
+	root /var/www/dev-ops/gitlab-sync;
+	index index.html index.php;
+
+	location / {
+                try_files $uri $uri/ /index.php$is_args$args;
+        }
+
+        location ~ \.php$ {
+                #fastcgi_pass gitlab-sync:9000;
+                #fastcgi_index index.php;
+                #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+                #include fastcgi_params;
+        }
+
+	access_log /var/log/nginx/git.fxqifu.com_access.log access_body;
+	error_log /var/log/nginx/git.fxqifu.com_error.log error;
+}

sites/transaction.fxqifu.com.conf

+server {
+	listen 80;
+	server_name transaction.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name transaction.fxqifu.com transaction.fxqifu.com.cn;
+	index index.html index.php;
+	root /var/www/back-end/transaction/public;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	include /etc/nginx/res/php-fpm.conf;
+
+	include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/transaction.fxqifu.com_access.log access;
+	error_log /var/log/nginx/transaction.fxqifu.com_error.log error;
+}

sites/welfare.fxqifu.com.conf

+server {
+	listen 80;
+	server_name welfare.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name welfare.fxqifu.com welfare.fxqifu.com.cn;
+	index index.html index.php;
+	root /var/www/back-end/welfare/public;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	include /etc/nginx/res/php-fpm.conf;
+
+	include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/welfare.fxqifu.com_access.log access;
+	error_log /var/log/nginx/welfare.fxqifu.com_error.log error;
+}

sites/xj-api.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj-api.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name xj-api.fxqifu.com xj-api.fxqifu.com.cn;
+	index index.html index.htm index.php;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host  $http_host;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+		proxy_pass http://node-upstream;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj-api.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/xj-api.fxqifu.com.cn_error.log error;
+}

sites/xj-app.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj-app.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name xj-app.fxqifu.com xj-app.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xj-app-web;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj-app.fxqifu.com_access.log;
+	error_log /var/log/nginx/xj-app.fxqifu.com_error.log error;
+}

sites/xj.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name xj.fxqifu.com xj.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xj-admin-web/dist;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj.fxqifu.com_access.log;
+	error_log /var/log/nginx/xj.fxqifu.com_error.log error;
+}

sites_online/admin.xj.fxqifu.com.conf

+server {
+	listen 80;
+	server_name admin-xj.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name admin-xj.fxqifu.com;
+	index index.html index.htm;
+	root /var/www/front-end/xj-manage-admin/dist;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/admin-xj.fxqifu.com_access.log;
+	error_log /var/log/nginx/admin-xj.fxqifu.com_error.log error;
+}

sites_online/gitlab-sync.fxqifu.com.cn.conf

+server {
+	listen 80;
+	server_name gitlab-sync.fxqifu.com.cn;
+	root /var/www/dev-ops/gitlab-sync;
+	index index.html index.php;
+
+	location / {
+                try_files $uri $uri/ /index.php$is_args$args;
+        }
+
+        location ~ \.php$ {
+                fastcgi_pass gitlab-sync:9000;
+                fastcgi_index index.php;
+                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+                include fastcgi_params;
+        }
+
+	access_log /var/log/nginx/git.fxqifu.com_access.log access_body;
+	error_log /var/log/nginx/git.fxqifu.com_error.log error;
+}

sites_online/order.fxqifu.com.conf

+server {
+	listen 80;
+	server_name order.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name order.fxqifu.com order.fxqifu.com.cn;
+	index index.html index.php;
+	root /var/www/back-end/order/public;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	include /etc/nginx/res/php-fpm.conf;
+
+	include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/order.fxqifu.com_access.log access;
+	error_log /var/log/nginx/order.fxqifu.com_error.log error;
+}

sites_online/sp.xj.fxqifu.com.conf

+server {
+	listen 80;
+	server_name sp-xj.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name sp-xj.fxqifu.com;
+	index index.html index.htm;
+	root /var/www/front-end/xj-service-admin/dist;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/sp-xj.fxqifu.com_access.log;
+	error_log /var/log/nginx/sp-xj.fxqifu.com_error.log error;
+}

sites_online/supplier-admin.fxqifu.com.conf

+server {
+	listen 80;
+	server_name supplier-admin.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name supplier-admin.fxqifu.com;
+	index index.html index.htm;
+	root /var/www/front-end/supplier-admin/dist;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/supplier-admin.fxqifu.com_access.log;
+	error_log /var/log/nginx/supplier-admin.fxqifu.com_error.log error;
+}

sites_online/supplier-api.fxqifu.com.conf

+server {
+	listen 80;
+	server_name supplier-api.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name supplier-api.fxqifu.com supplier-api.fxqifu.com.cn;
+	index index.html index.php;
+	root /var/www/back-end/supplier/public;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	include /etc/nginx/res/php-fpm.conf;
+
+	include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/supplier-api.fxqifu.com_access.log access;
+	error_log /var/log/nginx/supplier-api.fxqifu.com_error.log error;
+}

sites_online/supplier-front-api.fxqifu.com.conf

+server {
+	listen 80;
+	server_name supplier-front-api.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name supplier-front-api.fxqifu.com;
+	index index.html index.htm index.php;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host  $http_host;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+		proxy_pass http://node-tmp-upstream;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/supplier-front-api.fxqifu.com_access.log;
+	error_log /var/log/nginx/supplier-front-api.fxqifu.com_error.log error;
+}

sites_online/transaction.fxqifu.com.conf

+server {
+	listen 80;
+	server_name transaction.fxqifu.com transaction.fxqifu.com.cn;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name transaction.fxqifu.com transaction.fxqifu.com.cn;
+	index index.html index.php;
+	root /var/www/back-end/transaction/public;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	include /etc/nginx/res/php-fpm.conf;
+
+	include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/transaction.fxqifu.com_access.log access;
+	error_log /var/log/nginx/transaction.fxqifu.com_error.log error;
+}

sites_online/uc.fxqifu.com.conf

+server {
+	listen 80;
+	server_name uc.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name uc.fxqifu.com uc.fxqifu.com.cn;
+	index index.html index.php;
+	root /var/www/back-end/user-center/public;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	include /etc/nginx/res/php-fpm.conf;
+
+	include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/uc.fxqifu.com_access.log access;
+	error_log /var/log/nginx/uc.fxqifu.com_error.log error;
+}

sites_online/welfare-api.fxqifu.com.conf

+server {
+	listen 80;
+	server_name welfare-api.fxqifu.com.cn;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	include /etc/nginx/res/static_resource.conf;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host  $http_host;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+		proxy_pass http://node:3000;
+	}
+
+	access_log /var/log/nginx/welfare-api.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/welfare-api.fxqifu.com.cn_error.log error;
+}

sites_online/welfare.fxqifu.com.conf

+server {
+	listen 80;
+	server_name welfare.fxqifu.com welfare.fxqifu.com.cn;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name welfare.fxqifu.com welfare.fxqifu.com.cn;
+	index index.html index.php;
+
+	root /var/www/back-end/welfare/public;
+
+	include /etc/nginx/res/strict_web_cors.conf;
+
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	include /etc/nginx/res/php-fpm.conf;
+
+	include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/welfare.fxqifu.com_access.log access;
+	error_log /var/log/nginx/welfare.fxqifu.com_error.log error;
+}

sites_online/www.elejoys.com.conf

+server {
+	listen 80;
+	server_name www.elejoys.com xiangjia.fxqifu.com;
+	index index.html index.htm;
+	root /var/www/front-end/xj-website/build;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/www.elejoys.com_access.log;
+	error_log /var/log/nginx/www.elejoys.com_error.log error;
+}

sites_online/xhgui.fxqifu.com.conf

+upstream php-71-upstream { server php-fpm-71:9000; }
+
+server {
+    listen 80;
+    server_name xhgui.fxqifu.com.cn;
+    index index.html index.php;
+
+    root /var/www/back-end/php-xhgui/webroot;
+
+    location / {
+	    try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location ~ \.php$ {
+        auth_basic "xhgui needs authentication"; # 开启HTTP Basic认证
+        #auth_basic_user_file htpasswd;  # 密码文件
+        auth_basic_user_file /etc/nginx/res/htpasswd;  # 密码文件
+        try_files $uri =404;
+	fastcgi_pass php-71-upstream;
+	fastcgi_index index.php;
+	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+	include fastcgi_params;
+    }
+
+    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
+        expires      30d;
+    }
+
+    location ~ .*\.(js|css)?$ {
+        expires      30d;
+    }
+
+    access_log /var/log/nginx/xhgui.fxqifu.com.cn_access.log access;
+    error_log /var/log/nginx/xhgui.fxqifu.com.cn_error.log error;
+}

sites_online/xj-api.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj-api.fxqifu.com xj-api.fxqifu.com.cn;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name xj-api.fxqifu.com xj-api.fxqifu.com.cn;
+	index index.html index.htm index.php;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host  $http_host;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+		proxy_pass http://node-upstream;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj-api.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/xj-api.fxqifu.com.cn_error.log error;
+}

sites_online/xj-app-api.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj-app-api.fxqifu.com;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name xj-app-api.fxqifu.com;
+	index index.html index.htm index.php;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host  $http_host;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+		proxy_pass http://node-tmp-upstream;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj-app-api.fxqifu.com_access.log;
+	error_log /var/log/nginx/xj-app-api.fxqifu.com_error.log error;
+}

sites_online/xj-app.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj-app.fxqifu.com xj-app.fxqifu.com.cn;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name xj-app.fxqifu.com xj-app.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xj-app-web;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj-app.fxqifu.com_access.log;
+	error_log /var/log/nginx/xj-app.fxqifu.com_error.log error;
+}

sites_online/xj.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj.fxqifu.com xj.fxqifu.com.cn;
+	return 301 https://$server_name$request_uri;
+}
+
+server {
+	listen 443 ssl;
+	server_name xj.fxqifu.com xj.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xj-admin-web/dist;
+	include /etc/nginx/res/fxqifu.com_cert.conf;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj.fxqifu.com_access.log;
+	error_log /var/log/nginx/xj.fxqifu.com_error.log error;
+}

sites_qa/admin-xj.fxqifu.com.cn.conf

+server {
+	listen 80;
+	server_name admin-xj.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xjia-operate-admin/dist;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/admin.xj.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/admin.xj.fxqifu.com.cn_error.log error;
+}

sites_qa/admin.xj.fxqifu.com.cn.conf.bak

+server {
+	listen 80;
+	server_name admin.xj.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xjia-operate-admin;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/admin.xj.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/admin.xj.fxqifu.com.cn_error.log error;
+}

sites_qa/jenkins.fxqifu.com.cn.conf

+server {
+	listen 80;
+	server_name jenkins.fxqifu.com.cn;
+	index index.html index.php;
+
+	location / { 
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host $http_host;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+		proxy_pass http://jenkins:8080;
+	}
+
+	#include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/jenkins.fxqifu.com_access.log access_body;
+	error_log /var/log/nginx/jenkins.fxqifu.com_error.log error;
+}

sites_qa/sp-xj.fxqifu.com.cn.conf

+server {
+	listen 80;
+	server_name sp-xj.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xjia-service-provider/dist;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/sp.xj.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/sp.xj.fxqifu.com.cn_error.log error;
+}

sites_qa/sp.xj.fxqifu.com.conf

+server {
+	listen 80;
+	server_name sp.xj.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xjia-service-provider;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/sp.xj.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/sp.xj.fxqifu.com.cn_error.log error;
+}

sites_qa/supplier-admin.fxqifu.com.cn.conf

+server {
+	listen 80;
+	server_name supplier-admin.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/provideManage_web/dist;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/supplier-admin.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/supplier-admin.fxqifu.com.cn_error.log error;
+}

sites_qa/welfare-api.fxqifu.com.conf

+server {
+	listen 80;
+	server_name welfare-api.fxqifu.com.cn;
+	include /etc/nginx/res/static_resource.conf;
+
+	location / { 
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host  $http_host;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+		proxy_pass http://node:3000;
+	}
+
+	access_log /var/log/nginx/welfare-api.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/welfare-api.fxqifu.com.cn_error.log error;
+}

sites_qa/welfare.fxqifu.com.conf

+server {
+	listen 80;
+	server_name welfare.fxqifu.com welfare.fxqifu.com.cn;
+	index index.html index.php;
+	root /var/www/back-end/fxqifu_welfare/public;
+
+	include /etc/nginx/res/php-fpm.conf;
+
+	include /etc/nginx/res/static_resource.conf;
+
+	access_log /var/log/nginx/welfare.fxqifu.com_access.log access;
+	error_log /var/log/nginx/welfare.fxqifu.com_error.log error;
+}

sites_qa/xj-api.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj-api.fxqifu.com xj-api.fxqifu.com.cn;
+	index index.html index.htm index.php;
+
+	location / { 
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host  $http_host;
+		proxy_set_header X-Nginx-Proxy true;
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+		proxy_pass http://node-upstream;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj-api.fxqifu.com.cn_access.log;
+	error_log /var/log/nginx/xj-api.fxqifu.com.cn_error.log error;
+}

sites_qa/xj-app.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj-app.fxqifu.com xj-app.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xjia-app-admin;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj-app.fxqifu.com_access.log;
+	error_log /var/log/nginx/xj-app.fxqifu.com_error.log error;
+}

sites_qa/xj.fxqifu.com.conf

+server {
+	listen 80;
+	server_name xj.fxqifu.com xj.fxqifu.com.cn;
+	index index.html index.htm;
+	root /var/www/front-end/xjia-admin-pc/dist;
+
+	location / { 
+		try_files $uri $uri/ /index.html$is_args$args;
+	}
+
+	include /etc/nginx/res/static_resource.conf;
+
+	#access_log /var/log/nginx/xj.fxqifu.com_access.log;
+	error_log /var/log/nginx/xj.fxqifu.com_error.log error;
+}

ssl/default.crt

+-----BEGIN CERTIFICATE-----
+MIIC6TCCAdECFEc1VG8omKI7BCjhRYOyG7ztfbn9MA0GCSqGSIb3DQEBCwUAMDEx
+EDAOBgNVBAMMB2RlZmF1bHQxEDAOBgNVBAoMB2RlZmF1bHQxCzAJBgNVBAYTAlVL
+MB4XDTE5MDMzMDAyNDkyNFoXDTIwMDMyOTAyNDkyNFowMTEQMA4GA1UEAwwHZGVm
+YXVsdDEQMA4GA1UECgwHZGVmYXVsdDELMAkGA1UEBhMCVUswggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC1o8V2rBgq1cuvONNqfrVk/h07G2u5x8nnjis3
+PZXM4GWBhum8VzWCKLQMiwv1WANnOU2+zvZDAcVzPlZX+yX32ahaQM+b+fMzCFi/
+WdlrHjPrpqeMTaYwSGrGb1k76rG2GoRqSTvK119s2jhkDMiJ0aERGD90uSX54kqa
+OWb8BoTpc7CguGJn8pYXPaCBncwicnU9gselgYbdgHsgtbC/5PyFtYUS4D8+0z+b
+5ZU8sqDpz74VdXzeX23q7uHr7tcVZLg+eakfNXgbs2RY9XtsFZZRzixeEzaUE0a6
+MAGSTTGKgEcA7GlaHgnLa9+xQwGBO3OpFT+9xT3gMkHAmCuTAgMBAAEwDQYJKoZI
+hvcNAQELBQADggEBACZwmstiOKho9w7/ii5FC8exkmPUjUYzSvBf/mbbvVvSKoSw
+5SBclFG/R4Alc47MwwrQv5ZDkjwjLlQBtdlMsHyLZu1YmNW98X2JeqqhB/EuNPwJ
+5eWUP1fBCPRjWo6xA1OBWw0E3XE+gmx+i/+eUO4K0O3ez/bN3WAFJaOZB7NIzs2a
+nsb+oupC9X6OITq7I1kNIpBK3l4heEnFehFILm/7hH1dJehX1uwK3Vw6A2ZBIRxs
+L2T6U2GckOgrcJHfHo7Z6WzRkzzQPVuTaMCwWuGjNLVkJX4uRe+C26sA+Uix99GQ
+VDpS8t/yVhjDpSuAur2HXFy0nGohyXbymp+tSgI=
+-----END CERTIFICATE-----

ssl/default.csr

+-----BEGIN CERTIFICATE REQUEST-----
+MIICdjCCAV4CAQAwMTEQMA4GA1UEAwwHZGVmYXVsdDEQMA4GA1UECgwHZGVmYXVs
+dDELMAkGA1UEBhMCVUswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1
+o8V2rBgq1cuvONNqfrVk/h07G2u5x8nnjis3PZXM4GWBhum8VzWCKLQMiwv1WANn
+OU2+zvZDAcVzPlZX+yX32ahaQM+b+fMzCFi/WdlrHjPrpqeMTaYwSGrGb1k76rG2
+GoRqSTvK119s2jhkDMiJ0aERGD90uSX54kqaOWb8BoTpc7CguGJn8pYXPaCBncwi
+cnU9gselgYbdgHsgtbC/5PyFtYUS4D8+0z+b5ZU8sqDpz74VdXzeX23q7uHr7tcV
+ZLg+eakfNXgbs2RY9XtsFZZRzixeEzaUE0a6MAGSTTGKgEcA7GlaHgnLa9+xQwGB
+O3OpFT+9xT3gMkHAmCuTAgMBAAGgADANBgkqhkiG9w0BAQsFAAOCAQEAlZpiMQ8t
+J7RLeFCksfw6dBS7Lts35WR0UCRUwtM6UQJVfS69H/LvoFSe3LLw5Nt1B26yMYrm
+riSoQsmzBR7tLwRzC76s7wCrreDI1AZNrAxMoHDJyicwfZiwrngp86DanhJz2UMu
+ndEOLHXOS0LhTKd74GNmCy3C4aQKu4nlv0UuvDgiaKcCXihlDxVzDq40ZAMd44Pf
+JybNHLHH0+Ktb7Uwb4aJkTa/jkpei4UtaYQ6LWzIbqA7IomkfYAG2Ci113pdHkDX
+isnDrvjE+pEEgOvtgpsDaoZS0wq+K8pml2BkbCqyMHE5kEk/Dem8jAAGNp45nqL+
+bgVWYwoLIciLSg==
+-----END CERTIFICATE REQUEST-----

ssl/default.key

+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAtaPFdqwYKtXLrzjTan61ZP4dOxtrucfJ544rNz2VzOBlgYbp
+vFc1gii0DIsL9VgDZzlNvs72QwHFcz5WV/sl99moWkDPm/nzMwhYv1nZax4z66an
+jE2mMEhqxm9ZO+qxthqEakk7ytdfbNo4ZAzIidGhERg/dLkl+eJKmjlm/AaE6XOw
+oLhiZ/KWFz2ggZ3MInJ1PYLHpYGG3YB7ILWwv+T8hbWFEuA/PtM/m+WVPLKg6c++
+FXV83l9t6u7h6+7XFWS4PnmpHzV4G7NkWPV7bBWWUc4sXhM2lBNGujABkk0xioBH
+AOxpWh4Jy2vfsUMBgTtzqRU/vcU94DJBwJgrkwIDAQABAoIBAQCAJKDbXv/RwHDp
+FiL4v5mDPU8r8uVl9I/5fy/30cfL+QdDgQWG7NOAFu0m6DWwib4k5aV2lpXfofFF
+o1XQzgr0NybxPUX6GTU87IeHv4CGdJFWj4Umk2VKLNy/T7DZd3KWMVD3luDK8nSM
+28rqsqYLrMt/vuaNl002ZDITaanA5Dss9B4n0bNFWcVd4dWwB6OFqbBmL2yTGSsb
+zjHQxPWB4SQRTnqXqque5p0PvLzNEQjusskAd0USUjdqmJ5pzPP4uZuzwiGNHFim
+SzKQGZcLUs7p9Y40QQDjfpPr9p6VSOCwLGOTEary7SxMKbshqOfuFyPEwRzf0XqY
+1q79u3VBAoGBAOqFixGgXnigEEak/mZgbl7LKs2YKINm7U1fSBrp732L9sWCMeUt
+c/1DcB/J5pQef/VmxvsNUEBI0qeyTuRuluzMhQ14mHHQn+eL3gPN8sZylCnfzHIr
+1q8K29mcA1/lm7D61IhrtorfS56zHDjm5cSPyvXBE6pIzgZyqjojrEDhAoGBAMZG
+Y8Gc8o9zdlM8RwOuIa5v3NpIJoI40m+3YylrsoxD6XyVMX2FqQNM/qa/cWZg4U4F
+sj+7sg9a8geUhW3yqdXYFrfqZZBHUJesWuaoKs35bzSvJ21pQA+rdbhOb9BKYIe/
+dEQMTCIJwdQVmnnZwEpdWpPScMR3QB/gpeywq1bzAoGAB2SiV7HoiIDzQmbdJjkQ
+AakB9m0/ibTq8i94xHBvflO1OdC65fCi4W8Iz9e7jxvPCNtulmd7CivBiEvUtNrP
+ozNnVl9g3uWmxNPh8djCOINQLGnDti2vnOEIwTlr2dARMmkV3h8XKBWV+rDGyPxu
+bd3ilhC6H/oflJB00VRij8ECgYAVhpDP9UUUM9nVwYaILMB1WqmkfQ7JNngKLuOy
+HIIe3kScBOqBkSA/Pn2rBr+9+KidOtsWNj9nkV0TW5l8zUqI79PPlb//AO8L+GdK
+AVncUMc09gsWwsV0rg2yu7lB6MFAG5X4yUj+rQaBCvNhZTWOHUJ3J/KcMcIhc9cv
+siJ35wKBgBm0l5EWNFqJ5CExvT1zVfbMSnAwR00xPOROgtErcwUF8Ys1jzzX1mVN
+OkiyEuJhubWsFF6GiRyPpKyYRN61ypqk1Oc3K9xvuzlWhW0aRGxJUcMEvZPzyHNd
+DZCyjjg0vBG+OrX3Ex+YRetDz9uwmE9rEU2FISFeBZPz/2Gb6SGd
+-----END RSA PRIVATE KEY-----

startup.sh

+#!/bin/bash
+
+if [ ! -f /etc/nginx/ssl/default.crt ]; then
+    openssl genrsa -out "/etc/nginx/ssl/default.key" 2048
+    openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK"
+    openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.crt"
+fi
+
+nginx

upstreams/node.conf

+upstream node-upstream { server node:3000; }
+upstream node-tmp-upstream { server supplier-node:3000; }

upstreams/php.conf

+upstream php-upstream { server php-fpm:9000; }