Nginx反向代理多域名的HTTP和HTTPS服务的实现

(最后更新于2020-08-15) 分类: nginx 评论(0) 阅读(1610) 赞(0)

当前Nginx已经反向代理了两个网站,分别是基于Windows的IIS和Linux的Apach服务器,提供网页服务。

现在有新项目的网页需要对外提供服务,需要在代理服务器上增加另外一个网站,使用HTTPS访问以及HTTP自动跳转HTTPS。由于新网页是静态页面,所以使用Docker部署在Nginx代理服务器上。相关的certificates是通过let's encrypt来获取的,都是单独的证书,没有申请通配符形式的证书。

在Nginx代理端部署SSL证书即可,后端不需要部署SSL也可以实现HTTPS访问。

Nginx反向代理多域名的HTTP和HTTPS服务的实现 nginx 第1张

Nginx代理服务器配置:

  worker_processes auto;    error_log /var/log/nginx/error.log warn;  pid  /var/run/nginx.pid;    events {   worker_connections 1024;  }    http {   include  /usr/local/nginx/conf/mime.types;   default_type application/octet-stream;     log_format main '$remote_addr - $remote_user [$time_local] "$request" '        '$status $body_bytes_sent "$http_referer" '        '"$http_user_agent" "$http_x_forwarded_for"';     access_log /var/log/nginx/access.log main;     sendfile  on;   tcp_nopush  on;   tcp_nodelay  on;    upstream dx.exzel.co.nz {     server 127.0.0.1:8080;  }    upstream mybusiness.exzel.co.nz {     server 192.168.1.252:443;  }    server {   listen 80;   server_name dx.exzel.co.nz;   rewrite ^(.*) https://dx.exzel.co.nz permanent;  }  server {   listen 443;   server_name dx.exzel.co.nz;   ssl on;   ssl_certificate /etc/letsencrypt/live/dx.exzel.co.nz/fullchain.pem;   ssl_certificate_key /etc/letsencrypt/live/dx.exzel.co.nz/privkey.pem;   ssl_session_timeout 5m;   ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   ssl_prefer_server_ciphers on;   access_log /var/log/nginx/ccieerror.log ;   location / {     proxy_set_header Host $host;     proxy_set_header X-Real-IP $remote_addr;          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;     proxy_pass http://dx.exzel.co.nz;     }  }    server {   listen 80;   server_name mybusiness.exzel.co.nz;   rewrite ^(.*) https://mybusiness.exzel.co.nz permanent;  }  server {   listen 443;   server_name mybusiness.exzel.co.nz;   ssl on;   ssl_certificate /etc/letsencrypt/live/mybusiness.exzel.co.nz/fullchain.pem;   ssl_certificate_key /etc/letsencrypt/live/mybusiness.exzel.co.nz/privkey.pem;   ssl_session_timeout 5m;   ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   ssl_prefer_server_ciphers on;   access_log /var/log/nginx/mybusiness.log ;   location / {     proxy_set_header Host $host;     proxy_set_header X-Real-IP $remote_addr;          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;     proxy_pass https://mybusiness.exzel.co.nz;     }  }    server {   listen 80;   server_name www.empnz.co.nz empnz.co.nz;    location / {      proxy_pass http://192.168.1.15 ;      }   }    }

到此这篇关于Nginx反向代理多域名的HTTP和HTTPS服务的实现的文章就介绍到这了,更多相关Nginx反向代理HTTP和HTTPS内容请搜索脚本之家以前的文章或继续浏览下面的相关文章希望大家以后多多支持脚本之家! 

「点点赞赏,手留余香」
    还没有人赞赏,快来当第一个赞赏的人吧!

除特别注明外,本站所有文章均为无双技术网原创,转载请注明出处来自https://www.bnskd.com/9972.html

收藏 打赏 生成封面
Nginx反向代理多域名的HTTP和HTTPS服务的实现 bigger封面
  • 0 个人已赞

相关文章

参与评论