Nginx正向代理和反向代理配置

MartinDai發表於2019-01-19
Nginx

前言

Nginx的反向代理功能應該是Nginx諸多功能裡面最常用的一個功能了,正向代理的話可能使用的場景比較少,平時接觸的也不多,本章內容僅包含這兩個功能的基本使用配置,因為是本地版本的,所以不包含負載均衡相關的內容。

完整配置和註釋

user   root owner;
worker_processes  4;

#error_log  /usr/local/etc/nginx/logs/error.log;
#error_log  /usr/local/etc/nginx/logs/info.log info;

pid        /Users/martin/nginx.pid;

events {
    worker_connections  256;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    #日誌的格式
    #log_format  main  `$remote_addr - $remote_user [$time_local] "$request" `
    #                  `$status $body_bytes_sent "$http_referer" `
    #                  `"$http_user_agent" "$http_x_forwarded_for"`;

    #訪問日誌
    #access_log  /usr/local/etc/nginx/logs/access_log_pipe  main;

    #sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    gzip  on;

    #反向代理配置

    server {
        listen       443 ssl;          #監聽443埠
        server_name  app.doodl6.com;   #服務域名
        ssl          on;               #是否開啟SSL加密
        ssl_certificate         /Users/martin/Documents/ssl/doodl6.crt; # SSL加密證書
        ssl_certificate_key     /Users/martin/Documents/ssl/doodl6.key; # SSL加密祕鑰

        charset UTF-8;   #編碼指定

        location ~* ^.+.(xls|woff2|log|jpg|jpeg|gif|png|ico|html|cfm|cfc|afp|asp|lasso|pl|py|txt|fla|swf|zip|js|css|less)$ {   #代理指定字尾的請求,這裡配的是常見的前端資源
            proxy_pass https://127.0.0.1:80;  #轉向提供內容的真實伺服器地址,也可以配置本地目錄(見HTTP代理配置)
            proxy_set_header Host $http_host;  #寫入Header值,
            proxy_set_header referer "$http_referer";
        }  

        location = / {        #代理域名請求,也就只有域名的請求,如:https://app.doodl6.com
            proxy_pass https://127.0.0.1:8080;
            proxy_set_header Host $http_host;
        } 

        location ~ / {       #代理所有請求,不符合上面兩種配置的請求都會走這個代理配置
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header Host $http_host;
        }
    }

    server {
        listen       80;
        server_name  app.doodl6.com;
        charset UTF-8; 

        location ~* ^.+.(xls|woff2|log|jpg|jpeg|gif|png|ico|html|cfm|cfc|afp|asp|lasso|pl|py|txt|fla|swf|zip|js|css|less|ico)$ {
            expires 30s;   #內容快取30秒
            root /Users/martin/project/app/front;  #指定檔案根目錄
        } 

        location ~ / {
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header Host $http_host;
        }
    }

    #正向代理配置

    server{
        listen 82;   #監聽埠 
        resolver 8.8.8.8;   #DNS
        resolver_timeout 10s;  # DNS解析超時時間
        location / {
            proxy_pass http://$http_host$request_uri;
            proxy_set_header Host $http_host;
            proxy_buffers 256 4k;
            proxy_max_temp_file_size 0;
            proxy_connect_timeout 30;
            proxy_cache_valid 200 302 10m;
            proxy_cache_valid 301 1h;
            proxy_cache_valid any 1m;
        }
    }

    #本地反向轉正向代理

    server {
        listen       80;
        server_name  proxy.doodl6.com;
        charset UTF-8; 

        location ~ / {
            proxy_pass http://127.0.0.1:82;  #轉到本地正向代理
            proxy_set_header Host $http_host;
        }
    }

}

相關文章