nginx端口转发

@author : DAN
@datetime : 2018/07/28

我们常用的端口有 80/443 端口
80端口对应着HTTP，443端口对应着HTTPS
配置好 nginx 之后，可以查看 nginx.conf 配置，准确记录了80端口和443端口的配置，80端口默认开启，443端口需自行配置解封
下面介绍端口转发

nginx 端口使用

操作系统中对外开放的端口有限，当我们需要使用其他端口的时候，有两种方式可以做到:

• 开放新端口
• 端口转发

1. 开放新端口
   将端口暴露直接使用，nginx配置文件直接将80端口server复制，修改端口等必要信息，重启nginx服务即可生效

2. 端口转发
   我们正常通过端口进行访问，使用upstream进行端口转发，方式有：

   1. 对端口进行全局转发
   • ip访问

   upstream    web{
       // 例如：server  127.0.0.1:5000
       // 例如：server  219.231.0.***
       server  <Your IP[,:Port]>  
   }
   server {
     listen       80;
     server_name  _;
   
     location / {
         proxy_pass  http://web;
     }
   
     error_page   500 502 503 504  /50x.html;
     location = /50x.html {
         root   html;
     }
   }
   

   • 域名访问

   api.<Your Domain>.com   5000;
   server {
       listen       80;
       server_name  api.<Your Domain>.com;
       access_log logs/flask.log;
       error_log logs/flask.error;
   
       location / {
           proxy_set_header Host $host;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_pass http://127.0.0.1:5000;
       }
   }
   

   2. 对端口进行部分转发

   server {
     listen 80;
     server_name <Your Domain>;
     underscores_in_headers on;
     root /usr/share/nginx/html/xiaoan;
     location / {
         if ($request_uri ~* "^\/test"){
                 #add_header Access-Control-Allow-Origin *;
                 add_header Access-Control-Allow-Headers X-Requested-With,content-type,cert,t;
                 add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
             proxy_pass http://dobelltest.com;break;
         }
         #如果URL带/dos的话就配到Tomcat
         if ($request_uri ~* "^\/dos"){
             #add_header Access-Control-Allow-Origin *;
             add_header Access-Control-Allow-Headers X-Requested-With,content-type,cert,t;
             add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
             proxy_pass http://<Your Domain>; break;
             break;
         }
         if ($request_uri ~* "^\/registration"){
             add_header Access-Control-Allow-Headers X-Requested-With,content-type,cert,t;
             add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
             proxy_pass http://127.0.0.1:8080;
             break;
         }
         if ($request_uri ~* "^\/pay"){
             #add_header Access-Control-Allow-Origin *;
             add_header Access-Control-Allow-Headers X-Requested-With,content-type,cert,t;
             add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
             proxy_pass http://dobell.com; break;
             break;
         }
         #如果URL带/phpstatic就配到Apache
         if ($request_uri ~* "^\/phpstatic"){
             add_header Access-Control-Allow-Origin *;
             add_header Access-Control-Allow-Headers X-Requested-With,content-type,cert,t;
             add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
             proxy_pass http://php.com; break;
         }
         # 如果URL里有/honest就转发到8090端口
         if ($request_uri ~* "^\/honest"){
                 #add_header Access-Control-Allow-Origin *;
                 add_header Access-Control-Allow-Headers X-Requested-With,content-type,cert,t;
                 add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
             proxy_pass http://<Your Domain>;break;
         }
     }
   }