哪吒面板v1在宝塔上使用nginx反代的配置

哪吒v1用的挺久了，一直用的Claw爪云SG当做主控端。

时间一久，总想换一个节点。

换完后，把数据之类的一切都恢复，但发现主控端的哪吒面板不太好用了。

发生了从主页点击 dashboard 后台出现444错误。

原因在于我偷懒直接通过宝塔站点的“反向代理”把端口转发到443，随后就直接应用导致发生这个错误。

下面是我按照官方文档修改了部分，针对宝塔安装的 Nginx 1.26.2 版本，别的版本不知道有没有用。

server {
    listen 80;
    listen 443 ssl ;
    listen [::]:443 ssl ;
    http2 on;
    listen 443 quic;

    server_name jiankong.com;

    #CERT-APPLY-CHECK--START
    include /www/server/panel/vhost/nginx/well-known/jiankong.comconf;
    #CERT-APPLY-CHECK--END

    #HTTP_TO_HTTPS_START
    set $isRedcert 1;
    if ($server_port != 443) {
        set $isRedcert 2;
    }
    if ($uri ~ /\.well-known/) {
        set $isRedcert 1;
    }
    if ($isRedcert != 1) {
        rewrite ^(/.*)$ https://$host$1 permanent;
    }
    #HTTP_TO_HTTPS_END

    ssl_certificate    /www/server/panel/vhost/cert/jiankong.com/fullchain.pem;
    ssl_certificate_key    /www/server/panel/vhost/cert/jiankong.com/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_tickets on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    add_header Strict-Transport-Security "max-age=31536000" always;
    add_header Alt-Svc 'quic=":443"; h3=":443"; h3-29=":443"; h3-27=":443";h3-25=":443"; h3-T050=":443"; h3-Q050=":443";h3-Q049=":443";h3-Q048=":443"; h3-Q046=":443"; h3-Q043=":443"';

    underscores_in_headers on;
    set_real_ip_from 0.0.0.0/0;
    real_ip_header CF-Connecting-IP;
    # grpc 相关  
    location ^~ /proto.NezhaService/ {
        grpc_set_header Host $host;
        grpc_set_header nz-realip $http_CF_Connecting_IP;
        grpc_read_timeout 600s;
        grpc_send_timeout 600s;
        grpc_socket_keepalive on;
        client_max_body_size 10m;
        grpc_buffer_size 4m;
        grpc_pass grpc://127.0.0.1:8008;
    }
    # websocket 相关
    location ~* ^/api/v1/ws/(server|terminal|file)(.*)$ {
        proxy_set_header Host $host;
        proxy_set_header nz-realip $http_cf_connecting_ip;
        proxy_set_header Origin https://$host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 3600s;
        proxy_send_timeout 3600s;
        proxy_pass https://127.0.0.1:8008;
    }
    # web
    location / {
        proxy_set_header Host $host;
        proxy_set_header nz-realip $http_cf_connecting_ip;
        proxy_read_timeout 3600s;
        proxy_send_timeout 3600s;
        proxy_buffer_size 128k;
        proxy_buffers 4 256k;
        proxy_busy_buffers_size 256k;
        proxy_max_temp_file_size 0;
        proxy_temp_file_write_size 256k;  # ← 关键修复！
        proxy_pass https://127.0.0.1:8008;
    }

    access_log /www/wwwlogs/jiankong.com.log;
    error_log /www/wwwlogs/jiankong.com.error.log;
}

upstream dashboard {
  server 127.0.0.1:8008;
  keepalive 512;
}

把 jiankong.com 换成自己的域名，解析好，并配置好 ssl 证书即可。