server{
      listen 80;    #表示监听80端口
      server_name lyonlee.cn ;
      location / {    #将80端口强制转为https
         rewrite ^/(.*)$ http://www.lyonlee.cn/$1 permanent;
      }
}

server
{ 
        listen 443 ssl;    #表示监听443端口即https
        server_name lyonlee.cn ;
        ssl on;
        ssl_certificate 1_www.lyonlee.cn_bundle.crt;   #证书公钥文件路径
        ssl_certificate_key 2_www.lyonlee.cn.key;      #证书私钥文件路径
        ssl_session_timeout 5m;                                         #5分钟session会话保持
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;
        location / {    #跳转到实际应用
            proxy_pass http://127.0.0.1:8080;
            proxy_redirect   off;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
    }
}