Nginx configuration reverse agent

By Nginx

1. Preface

Reverse proxy function

Hide server information -> to ensure the security of the internal network, usually the reverse proxy is used as the public network access address, and the web server is the internal network, that is, through nginx configures the external network to access the web server intranet

Example

For example, the editor’s code cloud personal blog address is: http://zhengqingya.gitee.io/blog/, now small I want to access the personal blog address on Code Cloud through my server address http://www.zhengqing520.com/blog/, and the access address is my server ip or domain name address, then we can configure it through Nginx Reverse proxy implementation~

Second, how does Nginx configure reverse proxy?

We can configure through proxy_pass

(1) Find the nginx configuration file nginx.conf

Warm tips

The editor is nginx pulled through docker. The default configuration file is the default.conf file introduced and included in nginx.conf
That is to say, the nginx.conf configuration file has the following configuration

< pre>include /etc/nginx/conf.d/*.conf;

(2) Modify configuration -> Realize reverse proxy

Note: I will The content in my default.conf configuration file refers to the nginx.conf configuration file to achieve
that is, comment include /etc/nginx/conf.d/*.conf;

Simple configuration

For example, www.zhengqing520.com forwarded to http://zhengqingya.gitee.io

server {
 listen 80;
 server_name www.zhengqing520 .com;# Server address or binding domain name

 location / {# All paths after accessing port 80 are forwarded to the ip configured by proxy_pass
 root /usr/share/nginx/html ;
 index index.html index.htm;
 proxy_pass http://zhengqingya.gitee.io; # Configure the ip address and port number of the reverse proxy [Note: http:/ must be added to the URL address / Or https://]
 }
}

Complex configuration

Access different server addresses according to different suffixes

  1. www.zhengqing520.com/api forward to http://www.zhengqing520.com:9528/api/
  2. www.zhengqing520.com/blog/ forward Send to http://zhengqingya.gitee.io/blog/
server {
 listen 80;
 server_name www.zhengqing520.com;# server address or binding Domain name

 location ^~ /api {# ^~/api means to match the request with prefix api
 proxy_pass http://www.zhengqing520.com:9528/api/; # Note : The end of proxy_pass has /, -> Effect: The path behind /api/* will be directly spliced ​​to the back when requesting.

 # proxy_set_header Function: Set to send to the back-end server (proxy_pass above) Request header value
 # [When Host is set to $http_host, the value of the request header will not be changed;
 # When Host is set to $proxy_host, the Host information in the request header will be reset;< br /> # When it is the $host variable, its value is the value of the Host field when the request contains the Host request header, and when the request does not carry the Host request header, it is the main domain name of the virtual host;
 # When it is $ host:$proxy_port, carry the port and send ex: $host:8080]
 proxy_set_header Host $host; 

 proxy_set_header X-Real-IP $remote_addr; # Get users on the web server The real ip needs to be configured with conditions① [$remote_addr value = user ip]
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;# To get the user’s real ip on the web server side needs to configure conditions②
 proxy_set_header REMOTE-HOST $remote_addr;
 # proxy_set_head er X-Forwarded-For $http_x_forwarded_for; # $http_x_forwarded_for variable = X-Forwarded-For variable
 }

 location ^~ /blog/ {# ^~/blog/ indicates that the matching prefix is Request after blog/
 proxy_pass http://zhengqingya.gitee.io/blog/; 

 proxy_set_header Host $proxy_host; # Change the request header value -> Forward to code cloud will succeed 
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-NginX-Proxy true;
 }
} 
Three. Summary
 
Here is the whole content of the editor nginx configuration file for reference
 
user nginx;
worker_processes 1;< br />
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
 worker_connections 1024 ;
}

http {
 include /etc/nginx/mime.types;
 default_type application/octet-stream;

 log_format main'$remote_addr-$remote_user [$time_local] "$request"'
'$status $body_bytes_ sent "$http_referer"'
'"$http_user_agent" "$http_x_forwarded_for"';

 access_log /var/log/nginx/access.log main;

 sendfile on;
 #tcp_nopush on;

 keepalive_timeout 65;

 #gzip on;

 # include /etc/nginx/conf .d/*.conf; # Import the default.conf configuration file

 server {
 listen 80;
 server_name www.zhengqing520.com;# Server address or binding domain name< br />
 #charset koi8-r;
 #access_log /var/log/nginx/host.access.log main;

 # start ------- -------------------------------------------------- ------------------------------------

 location / {
 root /usr/share/nginx/html;
 try_files $uri $uri/ @router;
 index index.html index.htm;
 # proxy_pass http://zhengqingya.gitee. io; # Proxy ip address and port number
 # proxy_connect_timeout 600; #Proxy connection timeout (unit: milliseconds)< br /> # proxy_read_timeout 600; #Proxy read resource timeout time (unit: milliseconds)
} 

 location @router {
 rewrite ^.*$ /index.html last; 
 }

 location ^~ /api {# ^~/api/ means matching the request with prefix api
 proxy_pass http://www.zhengqing520.com:9528 /api/; # Note: there is / at the end of proxy_pass, -> Effect: The path behind /api/* will be spliced ​​directly to the back when requesting

 # proxy_set_header Function: Settings are sent to the backend The request header value of the server (proxy_pass above)
 # [When Host is set to $http_host, the value of the request header will not be changed;
 # When the Host is set to $proxy_host, the request header will be reset Host information in;
 # When it is the $host variable, its value is the value of the Host field when the request contains the Host request header, and when the request does not carry the Host request header, it is the main domain name of the virtual host;
 # When it is $host:$proxy_port, send ex: $host:8080 with the port]
 proxy_set_header Host $host; 

 proxy_set_header X-Real-IP $remote_addr; # To obtain the user's real IP on the web server side, you need to configure the conditions① [$remote_addr value = user ip]
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;# To get the user’s real IP on the web server side, you need to configure the conditions②
 proxy_set_header REMOTE-HOST $remote_addr;
 # proxy_set_header X-Forwarded-For $http_x_forwarded_for; # $http_x_forwarded_for variable = X-Forwarded-For variable
 }

 location ^~ /blog / {# ^~/blog/ means matching the request after the prefix is ​​blog/
 proxy_pass http://zhengqingya.gitee.io/blog/; 

 proxy_set_header Host $proxy_host; # change Request header value -> Forward to Code Cloud will succeed
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-NginX-Proxy true; 
 }

 # end ----------------------------------- -------------------------------------------------- --------

 #error_page 404 /404.html;

 # redirect server error pages to the static page /50x.html
 # 
 error_page 500 502 503 504 /50x.html;
 location = /50x.html {
 root /u sr/share/nginx/html;
 }

 }
}
, , ,

Leave a Comment

Your email address will not be published.