Nginx反向代理https服务
时间:2014-12-07 02:10 来源:linux.it.net.cn 作者:IT
背景:
最近因工作需要,需在Web前端做一个代理,来解决部分用户不能访问的需求;之前通过Nginx反向代理已实现对Web的代理,但后来发现还有站点为https的,所以又找了些资料,整理了一下,测试完成。
方法:
Nginx代理web站点ttxsgoto.com的相关部署和配置主要如下脚本实现:
#!/bin/bash
path_soft=$(pwd)
function base(){
yum -y install make gcc gcc-c++ autoconf
}
function install(){
groupadd www
useradd -g www www
wget http://1.1.1.1/nginx/pcre-8.36.tar.gz
tar zxvf pcre-8.36.tar.gz
cd pcre-8.36
./configure
make && make install
wget http://1.1.1.1/nginx/nginx-1.6.2.tar.gz
tar zxvf nginx-1.6.2.tar.gz
cd nginx-1.6.2
./configure --user=www --group=www --prefix=/usr/local/web/nginx --with-http_stub_status_module --with-http_ssl_module
make &&make install
}
function config(){
sed -i "s#\#gzip\ \ on;#\#gzip\ \ on;\n\n include\ \ vhosts/*.conf; #g" /usr/local/web/nginx/conf/nginx.conf
mkdir /usr/local/web/nginx/conf/vhosts
cat << EOF >> /usr/local/web/nginx/conf/vhosts/ttxsgoto.com.conf
server
{
listen 80;
server_name ttxsgoto.com;
charset GB2312;
index index.html index.htm;
root /date/wwwroot/itnetcn/;
location ~ ^/NginxStatus/ {
stub_status on;
access_log off;
}
location / {
proxy_redirect off ;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header REMOTE-HOST \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
client_max_body_size 50m;
client_body_buffer_size 256k;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
proxy_max_temp_file_size 128m;
proxy_pass http://it.net.cn;
}
}
server
{
listen 8081;
server_name it.net.cn:8081;
charset GB2312;
index index.html index.htm;
root /date/wwwroot/ttxsgoto.com/;
location ~ ^/NginxStatus/ {
stub_status on;
access_log off;
}
location / {
proxy_redirect off ;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header REMOTE-HOST \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
client_max_body_size 50m;
client_body_buffer_size 256k;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_next_upstream error timeout invalid_header http_500 http_503 http_404;
proxy_max_temp_file_size 128m;
proxy_pass http://ttxsgoto.com:8081;
}
}
EOF
cat << EOF >> /etc/hosts
2.2.2.2 ttxsgoto.com
EOF
ln -s /usr/local/lib/libpcre.so.1 /lib64/
ulimit -SHn 51200
}
function start(){
/usr/local/web/nginx/sbin/nginx
}
function main(){
base
install
config
start
}
main
至此,nginx代理web的安装和配置都已完成,验证方法:在本地修改hosts文件:x.x.x.x ttxsgoto.com,通过浏览访问页面成功。
(责任编辑:IT)
背景: 最近因工作需要,需在Web前端做一个代理,来解决部分用户不能访问的需求;之前通过Nginx反向代理已实现对Web的代理,但后来发现还有站点为https的,所以又找了些资料,整理了一下,测试完成。
方法: Nginx代理web站点ttxsgoto.com的相关部署和配置主要如下脚本实现: #!/bin/bash path_soft=$(pwd)
yum -y install make gcc gcc-c++ autoconf }
groupadd www useradd -g www www
tar zxvf pcre-8.36.tar.gz cd pcre-8.36 ./configure make && make install
tar zxvf nginx-1.6.2.tar.gz cd nginx-1.6.2 ./configure --user=www --group=www --prefix=/usr/local/web/nginx --with-http_stub_status_module --with-http_ssl_module make &&make install } function config(){ sed -i "s#\#gzip\ \ on;#\#gzip\ \ on;\n\n include\ \ vhosts/*.conf; #g" /usr/local/web/nginx/conf/nginx.conf mkdir /usr/local/web/nginx/conf/vhosts
server { listen 80; server_name ttxsgoto.com; charset GB2312; index index.html index.htm; root /date/wwwroot/itnetcn/; location ~ ^/NginxStatus/ { stub_status on; access_log off; } location / { proxy_redirect off ; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header REMOTE-HOST \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; client_max_body_size 50m; client_body_buffer_size 256k; proxy_connect_timeout 30; proxy_send_timeout 30; proxy_read_timeout 60; proxy_buffer_size 256k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; proxy_temp_file_write_size 256k; proxy_next_upstream error timeout invalid_header http_500 http_503 http_404; proxy_max_temp_file_size 128m; proxy_pass http://it.net.cn; } } server { listen 8081; server_name it.net.cn:8081; charset GB2312; index index.html index.htm; root /date/wwwroot/ttxsgoto.com/; location ~ ^/NginxStatus/ { stub_status on; access_log off; } location / { proxy_redirect off ; proxy_set_header Host \$host; proxy_set_header X-Real-IP \$remote_addr; proxy_set_header REMOTE-HOST \$remote_addr; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; client_max_body_size 50m; client_body_buffer_size 256k; proxy_connect_timeout 30; proxy_send_timeout 30; proxy_read_timeout 60; proxy_buffer_size 256k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; proxy_temp_file_write_size 256k; proxy_next_upstream error timeout invalid_header http_500 http_503 http_404; proxy_max_temp_file_size 128m; proxy_pass http://ttxsgoto.com:8081; } } EOF cat << EOF >> /etc/hosts 2.2.2.2 ttxsgoto.com EOF ln -s /usr/local/lib/libpcre.so.1 /lib64/ ulimit -SHn 51200 } function start(){ /usr/local/web/nginx/sbin/nginx } function main(){ base install config start } main
至此,nginx代理web的安装和配置都已完成,验证方法:在本地修改hosts文件:x.x.x.x ttxsgoto.com,通过浏览访问页面成功。 (责任编辑:IT) |