美文网首页
【nginx】基于域名的nginx虚拟主机

【nginx】基于域名的nginx虚拟主机

作者: Bogon | 来源:发表于2021-11-06 00:17 被阅读0次

    一、背景

    内网环境有多套系统,都监听80、443 端口

    只有一个公网IP出口,无法实现将多个系统的 80 、443同时映射到公网IP上

    只能通过加层来解决,通过基于域名的nginx虚拟机主机承载内网多套系统,将nginx虚拟机主机服务器上 80、443映射出去就可以了。

    二、配置虚拟主机

    在虚拟主机服务器上,安装nginx

    # cat /etc/yum.repos.d/nginx.repo

    #########################################

    [nginx]

    name=nginx repo

    baseurl=http://nginx.org/packages/centos/7/$basearch/

    gpgcheck=0

    enabled=1

    ############################################

    # yum  list  available  --disablerepo="*"  --enablerepo="nginx"

    # yum  -y  install  nginx  --enablerepo="nginx" 

    # mkdir  /etc/nginx/ssl

    # cat /etc/nginx/nginx.conf

    ###############################################################

    # For more information on configuration, see:

    #  * Official English Documentation:http://nginx.org/en/docs/

    #  * Official Russian Documentation:http://nginx.org/ru/docs/

    user nginx;

    worker_processes auto;

    error_log /var/log/nginx/error.log;

    pid /run/nginx.pid;

    events {

        worker_connections  1024;

    }

    # stream转发

    stream {

        proxy_connect_timeout 10s;

        include /etc/nginx/conf.d/stream/*.conf;

    }

    # http转发

    http {

        client_max_body_size      500M;

        include                  mime.types;

        default_type              application/octet-stream;

        server_tokens            off;

        sendfile                  on;

        keepalive_timeout        65;

        send_timeout              600;

        proxy_set_header          X-Real-IP $remote_addr;

        proxy_set_header          X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header          host $host;

        proxy_send_timeout        600;

        proxy_read_timeout        600;

        proxy_connect_timeout    600;

        proxy_max_temp_file_size 4096m;

    #################################################

    # 开启websocket支持

        proxy_http_version 1.1;

        proxy_set_header Connection "";

        map $http_upgrade $connection_upgrade {

            default upgrade;

            '' close;

            }

    ###################################################

        include /etc/nginx/conf.d/http/*.conf;

    }

    ###############################################################

    # cat /etc/nginx/conf.d/http/443.conf

    ###################################################################

    upstream x1_443_service {

        server 192.168.1.101:443  max_fails=2 fail_timeout=60s;

      }

    upstream x2_443_service {

        server 192.168.1.102:443    max_fails=2 fail_timeout=60s;

      }

    # 虚拟机主机x1

    server {

        listen 443 ssl;

        server_name www.example1.com;

        ssl_certificate         /etc/nginx/ssl/www.example1.com.cer;

        ssl_certificate_key  /etc/nginx/ssl/www.example1.com.key;

        location / {

            proxy_connect_timeout    600;

            proxy_send_timeout        600;

            proxy_read_timeout        600;

            send_timeout              600;

            proxy_set_header          X-Real-IP $remote_addr;

            proxy_set_header          X-Forwarded-For $proxy_add_x_forwarded_for;

            proxy_set_header          host $host;

            proxy_pass                https://x1_443_service;

            # websocket

            proxy_http_version 1.1;

            proxy_set_header Upgrade $http_upgrade;

            proxy_set_header Connection "upgrade";

        }

    }


    #虚拟主机x2

    server {

        listen 443 ssl;

        server_name www.example2.com;

        ssl_certificate        /etc/nginx/ssl/www.example2.com.pem;

       ssl_certificate_key  /etc/nginx/ssl/www.example2.com.key;

        location / {

            proxy_connect_timeout    600;

            proxy_send_timeout        600;

            proxy_read_timeout        600;

            send_timeout              600;

            proxy_set_header          X-Real-IP $remote_addr;

            proxy_set_header          X-Forwarded-For $proxy_add_x_forwarded_for;

            proxy_set_header          host $host;

            proxy_pass                https://x2_443_service;

            # websocket

            proxy_http_version 1.1;

            proxy_set_header Upgrade $http_upgrade;

            proxy_set_header Connection "upgrade";

        }

    }

    ###################################################################

    # cat /etc/nginx/conf.d/stream/10086.conf

    ############################################

    upstream 10086_service {

        hash $remote_addr consistent;

        server 192.168.1.103:10086  max_fails=2  fail_timeout=60s;

    }

    server {

        listen 10086;

        proxy_pass 10086_service;

    }

    ############################################

    #  systemctl restart nginx 

    # ss -tan | grep -w  443 

    # ss -tan | grep -w 10086

    三、测试

    在windows测试机器添加hosts映射

    C:\Windows\System32\drivers\etc

    ##############################

    192.168.1.100  www.example1.com

    192.168.1.100  www.example2.com

    ###############################

    浏览器分别访问  https://www.example1.com   https://www.example2.com

    四、参考

    nginx虚拟主机概念和类型介绍

    https://blog.51cto.com/sandshell/1957701

    Nginx 虚拟主机配置

    https://www.cnblogs.com/wushuaishuai/p/9343044.html

    How to Create an Nginx Virtual Host

    https://www.keycdn.com/support/nginx-virtual-host

    Server Block Examples

    https://www.nginx.com/resources/wiki/start/topics/examples/server_blocks

    Nginx如何处理一个请求

    https://tengine.taobao.org/nginx_docs/cn/docs/http/request_processing.html

    相关文章

      网友评论

          本文标题:【nginx】基于域名的nginx虚拟主机

          本文链接:https://www.haomeiwen.com/subject/ocurzltx.html