nginx實戰--nginx反向代理同一域名不同埠
阿新 • • 發佈:2019-02-02
實戰場景:網站上線,要保證在不影響原正式網站的前提下,部署一套網站的測試環境,供客戶測試;
網站域名:www.xxxxx.com
解決此問題有2中解決方案:
①通過域名+指定路徑的方式部署,即:www.xxxxx.com/test,客戶可以直接通過域名訪問測試環境;
②通過內網IP方式部署,即:選擇一臺nginx伺服器,對測試環境做反向代理,客戶只能通過VPN+內網IP的方式訪問測試環境;
由於還需代理其他應用,所以第一種方式面臨的問題很多,結果我們選擇的第二種方式第二天被客戶pass,所以又不得不尋求其他的解決方案。
為解決客戶要求,想到了2中解決方案:
①nginx代理網站子域名,對映到測試環境。即:不同的域名對映到不同的應用環境,這種方式需要申請子域名。
②nginx代理網站域名的8080埠,對映到測試環境。即:同一域名的不同埠對映到不同的應用環境,這種方式需要域名服務商開放8080埠。
客戶原因,選擇第二種方式。
下面是nginx.conf配置檔案:
user nobody; worker_processes 8; error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; client_max_body_size 100m; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; gzip on; gzip_comp_level 6; # 壓縮比例,比例越大,壓縮時間越長。預設是1 gzip_types text/xml text/plain text/css application/javascript application/x-javascript application/rss+xml; # 哪些檔案可以被壓縮 gzip_disable "MSIE [1-6]\."; # IE6無效 # 網站伺服器列表 upstream uni-web { server xx.x.x.109:8080; } # 網站英文版 upstream uni-web-en { server xx.x.x.106:8080; } # pms伺服器列表 upstream pms { server xx.x.x.106:8090; server xx.x.x.109:8090; } # 運營平臺伺服器列表 upstream control { server xx.x.x.105:8080; } #測試環境 server { listen 8080; server_name 你的域名; #charset koi8-r; access_log logs/host.8080.access.log main; # 轉發所有請求 location / { proxy_pass http://xx.x.x.107; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 80; server_name 你的域名; #charset koi8-r; access_log logs/host.access.log main; # 網站 location / { proxy_pass http://uni-web; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # 英文網站 location /en { proxy_pass http://uni-web-en; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # pms location /pms { proxy_pass http://pms; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # 運營平臺 location /cms { proxy_pass http://control; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # jeecms 後臺管理網站 location /jeeadmin/ { proxy_pass http://xx.x.x.107; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # rewrite ^(/jeeadmin/)$ /jeeadmin/jeecms/login.do break; } #location /apfel150.html { # rewrite ^/(apfel150.html)$ /study/$1 last; #} #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } location = /baidu_verify_CXOKsFqzpJ.html { root html; } location = /baidusilian.txt { root html; } location = /robots.txt { root html; } # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { # proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # root html; # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; # include fastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} #設定檢視Nginx狀態的地址 ,在安裝時要加上--with-http_stub_status_module引數 location /NginxStatus { stub_status on; access_log on; auth_basic "NginxStatus"; auth_basic_user_file conf/htpasswd; #設定訪問密碼,htpasswd -bc filename username password } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} # 設定只允許通過域名訪問站點 server { listen 80 default_server; server_name _; return 403; } }
第一種方式和這種配置一樣,融匯廣通。