The previous article of the scheme: Building a family private cloud disk scheme series tutorial + N2n + Nextcloud
Previous: Home Private Cloud Disk Tutorial Series - Locally Build a Home NAS Solution
The creation of N2N central nodes and client nodes on the public network has been mentioned above, and will not be mentioned here.
As a follow-up, this will illustrate the use of Nginx on the public server to forward tcp traffic to the intranet.
Install Nginx
#安装编译支持库
mkdir /mnt/tools -p
cd /mnt/tools
yum -y install gcc automake autoconf libtool make
yum install gcc gcc-c++
#安装PCRE
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.40.tar.gz
tar -xzf pcre-8.40.tar.gz -C ./
cd pcre-8.40
./configure --prefix=/usr/local/pcre
make && make install
cd ..
#安装zlib
wget http://zlib.net/zlib-1.2.11.tar.gz
tar -xzf zlib-1.2.11.tar.gz -C ./
cd zlib-1.2.11
./configure --prefix=/usr/local/zlib
make && make install
cd ..
#安装openss
wget https://www.openssl.org/source/openssl-1.0.2k.tar.gz
tar -xzf openssl-1.0.2k.tar.gz -C ./
#注意,这里不需要进行安装,后面步骤省略。
#编译安装nginx
wget http://nginx.org/download/nginx-1.12.0.tar.gz
tar -xzf nginx-1.12.0.tar.gz -C ./
cd nginx-1.12.0
./configure \
--prefix=/usr/local/nginx \
--sbin-path=/usr/local/nginx/nginx \
--conf-path=/usr/local/nginx/nginx.conf \
--pid-path=/usr/local/nginx/nginx.pid \
--with-http_ssl_module \
--with-pcre=/mnt/tools/pcre-8.40/ \
--with-zlib=/mnt/tools/zlib-1.2.11/ \
--with-openssl=/mnt/tools/openssl-1.0.2k/ \
--with-stream
#注:cpre、zlib、openssl等依赖包的路径是解压的源码路径不是安装后的路径。
make
make install
nginx configuration
cd /usr/local/nginx/
vi nginx.conf
tail append configuration
stream {
log_format proxy '$remote_addr [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time "$upstream_addr" '
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
access_log /var/log/nginx/tcp-access.log proxy ;
open_log_file_cache off;
include /usr/local/nginx/conf.d/*.stream;
}
Create log directory, configuration directory
mkdir /var/log/nginx/
mkdir /usr/local/nginx/conf.d/
cd /usr/local/nginx/conf.d/
Create a new tcp forwarding configuration file
vi /usr/local/nginx/conf.d/tcp-local-10.0.0.25.stream
upstream TCP10251 {
hash $remote_addr consistent;
server 10.0.0.25:22;
}
upstream TCP10252 {
hash $remote_addr consistent;
server 10.0.0.25:80;
}
upstream TCP10253 {
hash $remote_addr consistent;
server 10.0.0.25:3306;
}
upstream TCP10254 {
hash $remote_addr consistent;
server 10.0.0.25:10025;
}
server {
listen 10251;
proxy_connect_timeout 5s;
proxy_timeout 300s;
proxy_pass TCP10251;
}
server {
listen 10252;
proxy_connect_timeout 5s;
proxy_timeout 300s;
proxy_pass TCP10252;
}
server {
listen 10253;
proxy_connect_timeout 5s;
proxy_timeout 300s;
proxy_pass TCP10253;
}
server {
listen 10254;
proxy_connect_timeout 5s;
proxy_timeout 300s;
proxy_pass TCP10254;
}
run nginx
/usr/local/nginx/nginx
Test public network proxy access
http://115.0.0.1:10254/
http://115.0.0.1:10254/Evil.Minds.2015.S01.EP01.1080P.WEB-DL.mp4
(over)