I. Introduction
Reverse proxy role
Hide Server Information -> safety assurance within the network, usually as a reverse proxy to access the public network address, web server within the network, that is configured to access external network within the network web server by nginx
For example
For example, small series of cloud-yard personal blog address is: http: //zhengqingya.gitee.io/blog/, now Xiao Bian want to access the cloud through their own code to the server address http://www.zhengqing520.com/blog/ the above personal blog address, and access their own server ip address or domain name address, this time we can reverse proxy Nginx configuration is achieved by ~
Two, Nginx reverse proxy how to configure it?
We can proxy_pass to configure
(1) Found nginx configuration file nginx.conf
Warm Tips
Nginx docker small series by pulling, the default profile is introduced nginx.conf default.conf file contained
That nginx.conf profile configuration following a
include /etc/nginx/conf.d/*.conf;
(2) modify the configuration -> Reverse Proxy implemented
Note: The contents of this small series of default.conf I mentioned nginx.conf profile configuration file to achieve
that is annotated include /etc/nginx/conf.d/*.conf;
Simple Configuration
For example www.zhengqing520.com forwarded to http://zhengqingya.gitee.io
server {
listen 80;
server_name www.zhengqing520.com;# 服务器地址或绑定域名
location / { # 访问80端口后的所有路径都转发到 proxy_pass 配置的ip中
root /usr/share/nginx/html;
index index.html index.htm;
proxy_pass http://zhengqingya.gitee.io; # 配置反向代理的ip地址和端口号 【注:url地址需加上http:// 或 https://】
}
}
Complex configuration
Depending on the extension to access different server address
- www.zhengqing520.com/api forwarded to http://www.zhengqing520.com:9528/api/
- www.zhengqing520.com/blog/ forwarded to http://zhengqingya.gitee.io/blog/
server {
listen 80;
server_name www.zhengqing520.com;# 服务器地址或绑定域名
location ^~ /api { # ^~/api 表示匹配前缀为api的请求
proxy_pass http://www.zhengqing520.com:9528/api/; # 注:proxy_pass的结尾有/, -> 效果:会在请求时将/api/*后面的路径直接拼接到后面
# proxy_set_header作用:设置发送到后端服务器(上面proxy_pass)的请求头值
# 【当Host设置为 $http_host 时,则不改变请求头的值;
# 当Host设置为 $proxy_host 时,则会重新设置请求头中的Host信息;
# 当为$host变量时,它的值在请求包含Host请求头时为Host字段的值,在请求未携带Host请求头时为虚拟主机的主域名;
# 当为$host:$proxy_port时,即携带端口发送 ex: $host:8080 】
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; # 在web服务器端获得用户的真实ip 需配置条件① 【 $remote_addr值 = 用户ip 】
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;# 在web服务器端获得用户的真实ip 需配置条件②
proxy_set_header REMOTE-HOST $remote_addr;
# proxy_set_header X-Forwarded-For $http_x_forwarded_for; # $http_x_forwarded_for变量 = X-Forwarded-For变量
}
location ^~ /blog/ { # ^~/blog/ 表示匹配前缀为blog/后的请求
proxy_pass http://zhengqingya.gitee.io/blog/;
proxy_set_header Host $proxy_host; # 改变请求头值 -> 转发到码云才会成功
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
}
}
Third, the summary
Here then give the entire contents of the small series about the nginx configuration file for reference
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
# include /etc/nginx/conf.d/*.conf; # 引入default.conf配置文件
server {
listen 80;
server_name www.zhengqing520.com;# 服务器地址或绑定域名
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
# start ---------------------------------------------------------------------------------------------
location / {
root /usr/share/nginx/html;
try_files $uri $uri/ @router;
index index.html index.htm;
# proxy_pass http://zhengqingya.gitee.io; # 代理的ip地址和端口号
# proxy_connect_timeout 600; #代理的连接超时时间(单位:毫秒)
# proxy_read_timeout 600; #代理的读取资源超时时间(单位:毫秒)
}
location @router {
rewrite ^.*$ /index.html last;
}
location ^~ /api { # ^~/api/表示匹配前缀为api的请求
proxy_pass http://www.zhengqing520.com:9528/api/; # 注:proxy_pass的结尾有/, -> 效果:会在请求时将/api/*后面的路径直接拼接到后面
# proxy_set_header作用:设置发送到后端服务器(上面proxy_pass)的请求头值
# 【当Host设置为 $http_host 时,则不改变请求头的值;
# 当Host设置为 $proxy_host 时,则会重新设置请求头中的Host信息;
# 当为$host变量时,它的值在请求包含Host请求头时为Host字段的值,在请求未携带Host请求头时为虚拟主机的主域名;
# 当为$host:$proxy_port时,即携带端口发送 ex: $host:8080 】
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; # 在web服务器端获得用户的真实ip 需配置条件① 【 $remote_addr值 = 用户ip 】
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;# 在web服务器端获得用户的真实ip 需配置条件②
proxy_set_header REMOTE-HOST $remote_addr;
# proxy_set_header X-Forwarded-For $http_x_forwarded_for; # $http_x_forwarded_for变量 = X-Forwarded-For变量
}
location ^~ /blog/ { # ^~/blog/ 表示匹配前缀为blog/后的请求
proxy_pass http://zhengqingya.gitee.io/blog/;
proxy_set_header Host $proxy_host; # 改变请求头值 -> 转发到码云才会成功
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
}
# end ---------------------------------------------------------------------------------------------
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
}
