feat: 添加 Nginx HTTPS 配置模板

- 新建 Nginx 服务器配置模板，启用 HTTPS/SSL 和 HTTP/2
- 配置 SSL/TLS 安全参数，包括 TLS 1.2/1.3 协议和强加密套件
- 添加安全响应头：HSTS、CSP、X-Frame-Options 等
- 设置静态文件服务，包含缓存控制策略
- 配置访问日志和错误日志记录

template/nginx/template

@@ -0,0 +1,36 @@
+server {
+    listen 10443 ssl http2;
+    listen [::]:10443 ssl http2;
+
+    server_name drdfilenest.xyz www.drdfilenest.xyz blog.drdfilenest.xyz;
+
+    # HTTPS
+    ssl_certificate /etc/nginx/ssl/fullchain.pem;
+    ssl_certificate_key /etc/nginx/ssl/privkey.pem;
+
+    # SSL
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_tickets off;
+
+    # HSTS配置
+    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
+    # 安全响应头
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Frame-Options DENY;
+    add_header Content-Security-Policy "default-src 'self'";
+    root  /opt/fuwari/dist;
+    location / {
+        index  index.html;
+        add_header Cache-Control "public, max-age=3600" always;
+        add_header X-Frame-Options SAMEORIGIN;
+        add_header X-Content-Type-Options nosniff;
+    }
+    access_log /var/log/nginx/blog.drdfilenest-access.log;
+    error_log /var/log/nginx/blog.drdfilenest-error.log;
+}
+