利用 Nginx 反向代理搭建本地 yum 伺服器
阿新 • • 發佈:2020-10-23
在政府,醫院等單位有網路安全要求,對內外網進行物理隔離,然而內網主機無法訪問網際網路下載安裝包,通過Nginx 反向代理搭建本地yum伺服器實現內網主機安裝包下載。
Centos 8.2 部署 Nginx Server
系統版本
[root@yum-server ~]# cat /etc/redhat-release
CentOS Linux release 8.2.2004 (Core)
配置Nginx 源
# cat nginx.repo [nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
安裝 nginx
dnf install nginx
檢視nginx軟體包資訊
nginx 配置檔案
[root@yum-server /]# egrep -v "*#|^$" /etc/nginx/conf.d/default.conf server { listen 1888; location /software/ { root /mnt/nginx; autoindex on; autoindex_exact_size off; autoindex_localtime on; charset utf-8,gbk,gb2312; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /mnt/nginx; } location /centos/ { proxy_pass http://mirrors.aliyun.com/centos/; } location /zabbix/ { proxy_pass http://mirrors.aliyun.com/zabbix/; } location = /nginx_status { stub_status on; access_log /var/log/nginx/status.log; allow 127.0.0.1; deny all; } }
nginx 釋出檔案目錄
- autoindex on; # 開啟目錄檔案列表
- autoindex_exact_size on; # 顯示出檔案的確切大小,單位是bytes
- autoindex_localtime on; # 顯示的檔案時間為檔案的伺服器時間
- charset utf-8,gbk,gb2312; # 避免中文亂碼
防火牆配置
firewall-cmd --add-port=1888/tcp --permanent
firewall-cmd --reload
目錄訪問測試
內網主機repo檔案
# cat Centos-7.repo [base] name=CentOS-$releasever - Base - 172.168.1.176:1888 baseurl=http://172.168.1.176:1888/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=http://172.168.1.176:1888/centos/RPM-GPG-KEY-CentOS-7 #released updates [updates] name=CentOS-$releasever - Updates - 172.168.1.176:1888 baseurl=http://172.168.1.176:1888/centos/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=http://172.168.1.176:1888/centos/RPM-GPG-KEY-CentOS-7 #additional packages that may be useful [extras] name=CentOS-$releasever - Extras - 172.168.1.176:1888 baseurl=http://172.168.1.176:1888/centos/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=http://172.168.1.176:1888/centos/RPM-GPG-KEY-CentOS-7 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus - 172.168.1.176:1888 baseurl=http://172.168.1.176:1888/centos/$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://172.168.1.176:1888/centos/RPM-GPG-KEY-CentOS-7 #contrib - packages by Centos Users [contrib] name=CentOS-$releasever - Contrib - 172.168.1.176:1888 baseurl=http://172.168.1.176:1888/centos/$releasever/contrib/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://172.168.1.176:1888/centos/RPM-GPG-KEY-CentOS-7 # cat zabbix.repo [zabbix] name=Zabbix Official Repository - $basearch baseurl=http://172.168.1.176:1888/zabbix/zabbix/4.2/rhel/7/$basearch/ enabled=1 gpgcheck=1 gpgkey=http://172.168.1.176:1888/zabbix/RPM-GPG-KEY-ZABBIX-A14FE591 [zabbix-non-supported] name=Zabbix Official Repository non-supported - $basearch baseurl=http://172.168.1.176:1888/zabbix/non-supported/rhel/7/$basearch/ enabled=1 gpgkey=http://172.168.1.176:1888/zabbix/RPM-GPG-KEY-ZABBIX gpgcheck=1
清除快取,生成快取,檢視rpm
yum clean all
yum makecache
yum list
yum 測試