CentOS7下搭建nginx反向代理服务器 二级域名访问

创建nginx的本地yum源

[root@localhost ~]# yum list |grep nginxNo package nginx available.[root@localhost ~]# //给跪了，什么鬼，怎么没有nginx的rpm？算了，直接自己手动配一个官网repo吧[root@localhost ~]# //访问nginx官网，进入dowload页面，翻到底部的Pre-Build Package，选stable version---------------------------To set up the yum repository for RHEL/CentOS, create the file named /etc/yum.repos.d/nginx.repo with the following contents:[nginx]name=nginx repobaseurl=http://nginx.org/packages/OS/OSRELEASE/$basearch/gpgcheck=0enabled=1Replace “OS” with “rhel” or “centos”, depending on the distribution used, and “OSRELEASE” with “5”, “6”, or “7”, for 5.x, 6.x, or 7.x versions, respectively.---------------------------[root@localhost ~]#[root@localhost ~]# //大意就是：创建/etc/yum.repos.d/nginx.repo文件，贴入模板内容，替换相应的系统和软件版本号[root@localhost ~]#[root@localhost ~]# cd /etc/yum.repos.d[root@localhost yum.repos.d]# vi nginx.repo[nginx]name=nginx repobaseurl=http://nginx.org/packages/centos/7/$basearch/gpgcheck=0enabled=1:wq
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

以yum方式安装nginx

[root@localhost yum.repos.d]# yum list |grep nginxnginx.x86_64                               1:1.10.0-1.el7.ngx          nginx    nginx-debug.x86_64                         1:1.8.0-1.el7.ngx           nginx    nginx-debuginfo.x86_64                     1:1.10.0-1.el7.ngx          nginx    nginx-module-geoip.x86_64                  1:1.10.0-1.el7.ngx          nginx    nginx-module-image-filter.x86_64           1:1.10.0-1.el7.ngx          nginx    nginx-module-njs.x86_64                    1:1.10.0.0.0.20160414.1c50334fbea6-1.el7.ngx                                                                       nginx    nginx-module-perl.x86_64                   1:1.10.0-1.el7.ngx          nginx    nginx-module-xslt.x86_64                   1:1.10.0-1.el7.ngx          nginx    nginx-nr-agent.noarch                      2.0.0-9.el7.ngx             nginx    pcp-pmda-nginx.x86_64                      3.10.6-2.el7                base[root@localhost yum.repos.d]# yum install nginx.x86_64 Loaded plugins: fastestmirror, langpacksLoading mirror speeds from cached hostfile * rpmforge: mirrors.neusoft.edu.cnResolving Dependencies--> Running transaction check---> Package nginx.x86_64 1:1.10.0-1.el7.ngx will be installed--> Finished Dependency ResolutionDependencies Resolved#################################################################################### Package                   Arch                       Version                                Repository                 Size####################################################################################Installing: nginx                     x86_64                     1:1.10.0-1.el7.ngx                     nginx                     640 kTransaction Summary####################################################################################Install  1 PackageTotal download size: 640 kInstalled size: 2.1 MIs this ok [y/d/N]: yDownloading packages:nginx-1.10.0-1.el7.ngx.x86_64.rpm                                                                     | 640 kB  00:00:18     Running transaction checkRunning transaction testTransaction test succeededRunning transaction  Installing : 1:nginx-1.10.0-1.el7.ngx.x86_64                                                                           1/1 ----------------------------------------------------------------------Thanks for using nginx!Please find the official documentation for nginx here:* http://nginx.org/en/docs/Commercial subscriptions for nginx are available on:* http://nginx.com/products/----------------------------------------------------------------------  Verifying  : 1:nginx-1.10.0-1.el7.ngx.x86_64                                                                                                         1/1 Installed:  nginx.x86_64 1:1.10.0-1.el7.ngx                                                                                                                          Complete![root@localhost yum.repos.d]# nginx -vnginx version: nginx/1.10.0[root@localhost yum.repos.d]# service nginx startRedirecting to /bin/systemctl start  nginx.service● nginx.service - nginx - high performance web server   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)   Active: active (running) since Tue 2016-05-10 10:19:20 CST; 3s ago     Docs: http://nginx.org/en/docs/  Process: 29730 ExecStart#/usr/sbin/nginx -c /etc/nginx/nginx.conf (code#exited, status#0/SUCCESS)  Process: 29729 ExecStartPre#/usr/sbin/nginx -t -c /etc/nginx/nginx.conf (code#exited, status#0/SUCCESS) Main PID: 29733 (nginx)   CGroup: /system.slice/nginx.service           ├─29733 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf           └─29734 nginx: worker processMay 10 10:19:20 localhost systemd[1]: Starting nginx - high performance web server...May 10 10:19:20 localhost nginx[29729]: nginx: the configuration file /etc/nginx/nginx.conf syntax is okMay 10 10:19:20 localhost nginx[29729]: nginx: configuration file /etc/nginx/nginx.conf test is successfulMay 10 10:19:20 localhost systemd[1]: Failed to read PID from file /run/nginx.pid: Invalid argumentMay 10 10:19:20 localhost systemd[1]: Started nginx - high performance web server.[root@localhost yum.repos.d]# curl localhost   //或者打开浏览器访问http://localhost/<!DOCTYPE html><html><head><title>Welcome to nginx!</title><style>    body {        width: 35em;        margin: 0 auto;        font-family: Tahoma, Verdana, Arial, sans-serif;    }</style></head><body><h1>Welcome to nginx!</h1><p>If you see this page, the nginx web server is successfully installed andworking. Further configuration is required.</p><p>For online documentation and support please refer to<a href#"http://nginx.org/">nginx.org</a>.<br/>Commercial support is available at<a href#"http://nginx.com/">nginx.com</a>.</p><p><em>Thank you for using nginx.</em></p></body></html>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

ok安装好了，下面就是配置的事情

配置nginx为反向代理服务器

设置nginx开机自启动

[root@localhost yum.repos.d]# cd /etc/nginx[root@localhost nginx]# chkconfig nginx onNote: Forwarding request to 'systemctl enable nginx.service'.Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
1
2
3
4
1
2
3
4

设置nginx的反向代理规则

[root@localhost nginx]# vi nginx.confuser  nginx;worker_processes  1;error_log  /var/log/nginx/error.log warn;pid        /var/run/nginx.pid;events {    worker_connections  1024;}http {    include       /etc/nginx/mime.types;    default_type  application/octet-stream;    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '                      '$status $body_bytes_sent "$http_referer" '                      '"$http_user_agent" "$http_x_forwarded_for"';    access_log  /var/log/nginx/access.log  main;    sendfile        on;    #tcp_nopush     on;    keepalive_timeout  65;    gzip  on;    #modify@2016-05-10 11:30    include /etc/nginx/conf.d/reverse-proxy.conf;    client_max_body_size        50m;    #缓冲区代理缓冲用户端请求的最大字节数,可以理解为保存到本地再传给用户    client_body_buffer_size     256k;    client_header_timeout       3m;    client_body_timeout         3m;    send_timeout                3m;    proxy_connect_timeout       300s;   #nginx跟后端服务器连接超时时间(代理连接超时)    proxy_read_timeout          300s;   #连接成功后，后端服务器响应时间(代理接收超时)    proxy_send_timeout          300s;    proxy_buffer_size           64k;    #设置代理服务器（nginx）保存用户头信息的缓冲区大小    proxy_buffers       4       32k;    #proxy_buffers缓冲区，网页平均在32k以下的话，这样设置    proxy_busy_buffers_size     64k;    #高负荷下缓冲大小（proxy_buffers*2）    proxy_temp_file_write_size  64k;    #设定缓存文件夹大小，大于这个值，将从upstream服务器传递请求，而不缓冲到磁盘    proxy_ignore_client_abort   on;     #不允许代理端主动关闭连接    server {        listen          80;        server_name     localhost;        location / {            root html;            index       index.html index.htm;        }        error_page      500 502 503 504 /50x.html;        location # /50x.html {            root html;        }    }    #modification is done!}:wq[root@localhost nginx]# cd conf.d/[root@localhost conf.d]# vi reverse-proxy.conf## wiki.myweb.org -> http://10.1.1.230:8013server{    listen 80;    server_name         wiki.myweb.org;    location / {        proxy_redirect  off;        proxy_set_header        Host            $host;        proxy_set_header        X-Real-IP       $remote_addr;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_pass http://10.1.1.230:8013;    }    access_log /var/log/nginx/wiki_access.log;}## zentao.myweb.org/zentao -> http://10.1.1.240:49017/zentaoserver{    listen 80;    server_name         zentao.myweb.org;    location / {        proxy_redirect  off;        proxy_set_header        Host            $host;        proxy_set_header        X-Real-IP       $remote_addr;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_pass http://10.1.1.240:49017;    }    access_log /var/log/nginx/zentao_access.log;}## trac.myweb.org -> http://10.1.1.240:8000/server{    listen 80;    server_name         trac.myweb.org;    location / {        proxy_redirect  off;        proxy_set_header        Host            $host;        proxy_set_header        X-Real-IP       $remote_addr;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_pass http://10.1.1.240:8000;    }    access_log /var/log/nginx/trac_access.log;}## kb2.myweb.org -> http://10.1.1.230:8080/server{    listen 80;    server_name         kb2.myweb.org;    location / {        proxy_redirect  off;        proxy_set_header        Host            $host;        proxy_set_header        X-Real-IP       $remote_addr;        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;        proxy_pass http://10.1.1.230:8080;    }    access_log /var/log/nginx/iphmk_admin_kb2_access.log;}:wq[root@localhost conf.d]# service start nginx
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

最后一步

因为我们nginx的反向代理服务器是部署在10.1.1.230上，它本身也是内网服务器，所以需要在路由器上配一个路由转发规则： 
所有从外网80端口进来的请求，都转发到nginx所在的服务器，由nginx来负责转发。

路由器设置：虚拟服务器WAN口        wan1    WAN端口       80      常用服务：  DNS(53)LAN端口       80内网IP      10.1.1.230协议：     全部
1
2
3
4
5
6
1
2
3
4
5
6

ok，大公告成～

本文参考以下博文来实现部署： 
http://blog.csdn.net/hejingyuan6/article/details/47262419 （考虑做window的测试） 
http://www.ttlsa.com/nginx/use-nginx-proxy/ 
http://blog.csdn.net/isresultxal/article/details/50674378 
http://blog.csdn.net/xshalk/article/details/51313101 （后续我也要做证书授权的说）

后续的改进

我这种代理配置，看着不怎么美观，我记得有更优美的配置方式的，等悠闲的时候，可以继续优化。

【重要补充：】 
对了，还忘记了交代：还需要一个自己的域名（myweb.org），才可以这样去使用二级域名来解析内网应用。 
如果没有，可以申请阿里云服务，然后在路由器上，来绑定内网入口的网络服务商分配给动态IP（这步很简单，就是路由器上设置填上申请的动态域名就好了） 
这里的工作，属于准备期工作，申请啊备案啊，还是很繁琐的，本次没有记录下来～

顶

0

踩