frp nginx configuration to achieve intranet penetration (and configure https penetration)

Requires a vps with an external network and a vps with an internal network 

frp download address: https://github.com/fatedier/frp/releases

Server-side operations:

nginx:

    

    	server {
    	    listen       443;
    	    server_name https domain name;
    	    ssl on;
    	    ssl_certificate certificate 1;
    	    ssl_certificate_key certificate 2;
    	    ssl_session_timeout 5m;
    	    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    	    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256: HIGH:! aNULL:! MD5:! RC4:! DHE;
    	    ssl_prefer_server_ciphers on;
        	location / {
        	    if ($args ~* "redirect:") {
        	             return 403;
        	    }
        	    if ($args ~* "action:") {
        	            return 403;
        	    }
        	    if ($args ~* "redirectAction:") {
        	             return 403;
        	    }
	    		if ($http_user_agent ~* "python|curl|java|wget|httpclient|okhttp") {
        	     return 503;
       		    }
        	    proxy_set_header  X-Forwarded-Host $host;
        	    proxy_set_header  X-Forwarded-Proto $scheme;
        	    proxy_set_header  X-Real-IP  $remote_addr;
        	    proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
        	    proxy_set_header Host $http_host;
        	    proxy_redirect off;
        	    expires off;
        	    sendfile off;
        	    proxy_pass http://http domain name: (local port number);
        	}
    	}
    	server {
    	    listen       80;
    	    server_name http domain name;
    	    location / {
		proxy_pass http://http domain name: (local port number);

              proxy_redirect off;

             proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Scheme $scheme; } }

frps:

[common]
bind_addr = server ip
bind_port = 7000
bind_udp_port = 7001
kcp_bind_port = 7000
vhost_http_port = local service port
dashboard_port = 7500
dashboard_user = account
dashboard_pwd = password
privilege_mode = true
privilege_token = password
#log_max_days = 7
max_pool_count = 100
#log_level = info
#log_file = frps.log

Local operation:

[common]
server_addr = server ip
server_port = 7000
privilege_token = password
#log_file = frpc.log
#log_level = info
#log_max_days = 7


[frpc.ilawedu.cn]
type = http
privilege_mode = true
local_ip = 127.0.0.1
local_port = local service port
custom_domains = http domains
use_gzip = true


[frps.ilawedu.cn]
type = http
privilege_mode = true
local_ip = 127.0.0.1
local_port = local service port
custom_domains = https domains
use_gzip = true

Then just start

Then visit the domain name + project

The source of the reprint statement