server { listen 80; server_name monitor.kernelstudio.com; include server/error.conf; access_log /var/log/nginx/monitor.kernelstudio.com.access.log access; error_log /var/log/nginx/monitor.kernelstudio.com.error.log debug; # 临时开启debug,排查WS错误 # 核心:屏蔽后端 X-Frame-Options + 统一设置 proxy_hide_header X-Frame-Options; add_header X-Frame-Options "sameorigin" always; # 全局跨域头(开发环境) add_header Access-Control-Allow-Origin "*" always; add_header Access-Control-Allow-Methods "GET,POST,PUT,DELETE,OPTIONS" always; add_header Access-Control-Allow-Headers "Content-Type,Authorization,X-Grafana-Org-Id,Upgrade,Connection" always; # 允许跨域预检请求(OPTIONS) if ($request_method = OPTIONS) { return 204; } # 全局 proxy 基础配置 proxy_http_version 1.1; proxy_connect_timeout 60s; proxy_set_header X-Host $host; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # ========== 最高优先级:Grafana Live WS(覆盖所有带参数的WS请求) ========== # 正则匹配 /api/live/ws 及后续所有参数/路径 location ~ ^/api/live/ws { # WebSocket 必须的头部 proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # 保持其他头部传递 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # WebSocket 超时设置 proxy_read_timeout 86400; proxy_connect_timeout 86400; proxy_send_timeout 86400; # 禁用缓冲 proxy_buffering off; proxy_cache off; proxy_pass http://192.168.1.200:3000; } # ========== 次优先级:Grafana 其他 API/页面路径 ========== # 1. 匹配 /apis/(带s)开头的所有路径 location ~ ^/apis/ { proxy_next_upstream http_500 http_502 http_504 error timeout invalid_header; proxy_read_timeout 300s; proxy_pass http://192.168.1.200:3000; } # 2. 匹配 /api/ 下的 Grafana 核心 API(排除 live/ws,已单独匹配) location ~ ^/api/(user|frontend-metrics|datasources|ds|dashboards|prometheus|plugins|features\.grafana\.ap|public)($|/) { proxy_next_upstream http_500 http_502 http_504 error timeout invalid_header; proxy_read_timeout 300s; proxy_pass http://192.168.1.200:3000; } # 3. 匹配 Grafana 页面路径 location ~ ^/(d|login|public|avatar)($|/) { proxy_next_upstream http_500 http_502 http_504 error timeout invalid_header; proxy_read_timeout 300s; proxy_pass http://192.168.1.200:3000; } # ========== Vite 相关路径(最后匹配) ========== # 1. Vite HMR 的 WebSocket 路径 location /ws { proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_read_timeout 86400s; proxy_pass http://192.168.1.200:8888; } # 2. Vite 开发环境兜底 location / { include custom/api.access.conf; proxy_next_upstream http_500 http_502 http_504 error timeout invalid_header; # 禁用缓存 add_header Cache-Control "no-cache, no-store, must-revalidate" always; add_header Pragma "no-cache" always; add_header Expires "0" always; proxy_pass http://192.168.1.200:8888; } }