Nginx下Frp强制重定向为https配置详解

迫于家里的路由将300M的带宽强行降到80M的速度,所以入手了一个3205U的软路由,果真没有令人失望,速度飞起O(∩_∩)O哈哈~ 当然,由于宽带没有公网IP所以DDNS就不能使用,转而使用frp,在折腾的过程中踩到了一些坑,所以记录下来,希望能帮助有需要的同学。

frps.ini(服务端配置)

  [common]  bind_port = 5443  kcp_bind_port = 5443    vhost_http_port = 8080  vhost_https_port = 4443    # Frp的服务器指示面板配置  admin_addr = frp.test.com  dashboard_port = 6443  dashboard_user = test  dashboard_pwd = test    log_file = ./frps.log    # trace, debug, info, warn, error  log_level = info    log_max_days = 3    # auth token 可自主生成一些字符串  token = sfsfgsdgsdgsgddgsg    tcp_mux = true    max_pool_count = 50    # 用户自定义域名  subdomain_host = frp.test.com

frpc.ini (客户端配置)

  [common]  # 远程服务器IP地址  server_addr = 8.8.8.8  server_port = 5443  token = sfsfgsdgsdgsgddgsg  tls_enable = true    [lede]  type = http  local_ip = 10.10.10.1  local_port = 80  # 这里的值最终会被解析为lede.frp.test.com(需要在你的域名服务器做指向你自己公网服务器的*.frp.test.com的  # 域名泛解析)  subdomain = lede  use_encryption = false           use_compression = true    # HTTP基础认证可以不填写  http_user = test  http_pwd = test

vhosts.conf(Nginx配置)

  server {   listen 80;   listen 443 ssl http2;   ssl_certificate /usr/local/nginx/conf/ssl/lede.frp.test.com.crt;   ssl_certificate_key /usr/local/nginx/conf/ssl/lede.frp.test.com.key;   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;   ssl_prefer_server_ciphers on;   ssl_session_timeout 10m;   ssl_session_cache builtin:1000 shared:SSL:10m;   ssl_buffer_size 1400;   add_header Strict-Transport-Security max-age=15768000;   ssl_stapling on;   ssl_stapling_verify on;   server_name lede.frp.okuka.com;   access_log /data/wwwlogs/lede.frp.test.com_nginx.log combined;     if ($ssl_protocol = "") { return 301 https://$host$request_uri; }     location / {        proxy_pass http://127.0.0.1:8080;#端口号一定要和frps.ini的vhost_http_port一致         proxy_set_header Host $host;        proxy_set_header X-Real-IP 8.8.8.8;#这里填写你的公网服务器IP         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;      }  }

注意!!!!!以上操作就能需要重启服务后才能使用

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支Fatmouse

参与评论