SERVER_IP=你的服务器IP
sudo mkdir -p /etc/nginx/ssl
sudo openssl req -x509 -nodes -newkey rsa:2048 \
-keyout /etc/nginx/ssl/openclaw.key \
-out /etc/nginx/ssl/openclaw.crt \
-days 365 \
-subj "/CN=${SERVER_IP}" \
-addext "subjectAltName = IP:${SERVER_IP}"
sudo dnf install -y nginx
sudo tee /etc/nginx/conf.d/openclaw.conf > /dev/null <<'EOF'
server {
listen 443 ssl http2;
server_name _;
ssl_certificate /etc/nginx/ssl/openclaw.crt;
ssl_certificate_key /etc/nginx/ssl/openclaw.key;
ssl_protocols TLSv1.2 TLSv1.3;
add_header Strict-Transport-Security "max-age=31536000" always;
location / {
proxy_pass http://127.0.0.1:18789;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 3600;
proxy_send_timeout 3600;
}
}
server {
listen 80;
server_name _;
return 301 https://hostrequest_uri;
}
EOF
sudo nginx -t
sudo systemctl enable --now nginx
sudo systemctl restart nginx