配置

nginx.conf

 # 定义网关服务的负载均衡组
 upstream gateway_load_balance {
-    server 139.224.150.79:9010;
-    server 139.224.149.150:9011;
+    server 139.224.150.79:9010;  # 管理节点服务器上的网关实例
+    server 139.224.149.150:9011;  # 工作节点服务器上的网关实例
 }
 
 server {
     listen 2669;
     server_name _;
 
-    # 关键：正确设置根目录
     root /usr/share/nginx/html;
     index index.html;
 
-    # 设置安全头
-    add_header X-Frame-Options "SAMEORIGIN" always;
-    add_header X-Content-Type-Options "nosniff" always;
-    add_header X-XSS-Protection "1; mode=block" always;
-    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+    # 静态资源处理 - 必须放在最前面
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|map)$ {
+        # ✅ 关键：添加 try_files 指令
+        try_files $uri =404;
 
-    # 1. 健康检查 - 最高优先级
-    location = /health {
-        access_log off;
-        add_header Content-Type text/plain;
-        return 200 "healthy\n";
-    }
-
-    # 2. 静态资源处理 - 第二优先级
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|map|json|webp)$ {
-        # 关键：使用正确的文件查找逻辑
-        try_files $uri $uri/ =404;
-
-        # 缓存控制
+        # 确保静态资源有正确的过期时间和缓存头
         expires 1y;
-        add_header Cache-Control "public, immutable, max-age=31536000";
+        add_header Cache-Control "public, immutable";
 
-        # CORS头
+        # 为静态资源添加CORS头
         add_header 'Access-Control-Allow-Origin' '*' always;
-        add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization' always;
+
+        # 处理OPTIONS请求（CORS预检）
+        if ($request_method = 'OPTIONS') {
+            add_header 'Access-Control-Allow-Origin' '*';
+            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
+            add_header 'Access-Control-Max-Age' 1728000;
+            add_header 'Content-Length' 0;
+            add_header 'Content-Type' 'text/plain; charset=UTF-8';
+            return 204;
+        }
     }
 
-    # 3. API请求处理 - 第三优先级
+    # 代理API请求到网关服务
     location /api/ {
-        # 注意：这里可能需要根据网关实际需求调整路径
+        # 负载均衡到两个网关服务实例
         proxy_pass http://gateway_load_balance/;
 
-        # 保留原始路径（网关可能需要/api前缀）
-        # 如果网关不需要/api前缀，可以使用：rewrite ^/api/(.*)$ /$1 break;
-
+        # 代理设置
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header X-Forwarded-Host $host;
-        proxy_set_header X-Forwarded-Port $server_port;
 
         # 超时设置
         proxy_connect_timeout 30s;
-        proxy_read_timeout 120s;
-        proxy_send_timeout 120s;
-        proxy_buffering off;
+        proxy_read_timeout 30s;
+        proxy_send_timeout 30s;
 
-        # CORS配置
+        # 缓冲区设置
+        proxy_buffering on;
+        proxy_buffer_size 4k;
+        proxy_buffers 8 4k;
+
+        # CORS 头
         add_header 'Access-Control-Allow-Origin' '*' always;
-        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH' always;
-        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization' always;
 
-        # 处理预检请求
+        # 处理OPTIONS请求（CORS预检）
         if ($request_method = 'OPTIONS') {
             add_header 'Access-Control-Allow-Origin' '*';
-            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH';
-            add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
+            add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
+            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
             add_header 'Access-Control-Max-Age' 1728000;
-            add_header 'Content-Type' 'text/plain; charset=utf-8';
             add_header 'Content-Length' 0;
+            add_header 'Content-Type' 'text/plain; charset=UTF-8';
             return 204;
         }
     }
 
-    # 4. SPA路由处理 - 最后兜底
+    # 健康检查接口
+    location /health {
+        access_log off;
+        return 200 "healthy\n";
+        add_header Content-Type text/plain;
+    }
+
+    # 前端路由处理 - 放在最后，作为兜底规则
     location / {
-        # 关键：正确处理Vue/React路由
-        try_files $uri $uri/ /index.html;
+        try_files $uri $uri/ /index.html; # 处理Vue路由history模式
 
-        # 禁用页面缓存
-        add_header Cache-Control "no-cache, no-store, must-revalidate" always;
-        add_header Pragma "no-cache" always;
-        add_header Expires "0" always;
+        # 为页面添加CORS头
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization' always;
     }
 }
\ No newline at end of file