当前位置: 首页 > article >正文

Ubuntu下实现nginx反向代理

article 2025/8/27 2:17:42

1. 多个ngx实例安装

脚本已经在deepseek的指导下完成啦!
deepseek写的脚本支持ubuntu/centos两种系统。

ins_prefix="/usr/local/"
makefile_gen() {ngx=$1	ngx_log_dir="/var/log/"$ngx"/"ngx_temp_path="/var/temp/"${ngx}"/"ngx_run_dir="/var/run/${ngx}/"ngx_lock_dir="/var/lock/"echo "nginx log directory: "${ngx_log_dir}echo "nginx temp path: "${ngx_temp_path}mkdir -p ${ngx_temp_path} ${ngx_log_dir} ${ngx_run_dir} ${ngx_lock_dir}
echo "Created directories:"
echo " - ${ngx_temp_path}"
echo " - ${ngx_log_dir}"
echo " - ${ngx_run_dir}"
echo " - ${ngx_lock_dir}"./configure \
--prefix=${ins_prefix}${ngx} \
--pid-path="/var/run/"${ngx}"/nginx.pid" \
--lock-path="/var/lock/"${ngx}".lock" \
--error-log-path=${ngx_log_dir}"error.log" \
--http-log-path=${ngx_log_dir}"access.log" \
--with-http_gzip_static_module \
--http-client-body-temp-path=${ngx_temp_path}"client" \
--http-proxy-temp-path=${ngx_temp_path}"proxy" \
--http-fastcgi-temp-path=${ngx_temp_path}"fastcgi" \
--http-uwsgi-temp-path=${ngx_temp_path}"uwsgi" \
--http-scgi-temp-path=${ngx_temp_path}"scgi"if [ $? -ne 0 ]; thenecho "Configure failed! Exiting..."exit 1fi
}# should have super user priveledge
if [ `whoami` != root ]; thenecho "please run this scripit with sudo or as root!"exit 1
fiif command -v apt-get &> /dev/null; thenapt-get updateapt-get install -y libpcre3 libpcre3-dev zlib1g-dev wget make gcc openssl 
elif command -v yum &> /dev/null; thenyum install -y libpcre3 libpcre3-dev zlib1g-dev wget make gcc openssl 
elseecho "Unsupported package manager! Please install dependencies manually."exit 1
fiif [ ! -d "nginx-1.26.3" ]; thenif [ ! -f "nginx-1.26.3.tar.gz" ]; thenwget https://nginx.org/download/nginx-1.26.3.tar.gz || { echo "Download failed"; exit 1;}fitar -xvf nginx-1.26.3.tar.gz || { echo "Extraction failed!"; exit 1;}
fi
cd nginx-1.26.3 || { echo "Entering source directory failed!"; exit 1;}# find location and name to locate:
# /usr/local/nginx
# /usr/local/nginx1
# /usr/local/nginx2
# ...
ngx="nginx"
if [ ! -e ${ins_prefix}${ngx} ];thenecho ${ins_prefix}${ngx_nm}" not exits!";
elseid=0while [ -e ${ins_prefix}${ngx} ]; doid=$(($id+1))ngx="nginx"${id}done
fi
echo "nginx will be installed to :"${ins_prefix}${ngx}makefile_gen "${ngx}"make && make install || { echo "Build/Install failed!"; exit 1; }echo "Installation completed successfully!"
echo "Binary path: ${ins_prefix}${ngx}/sbin/nginx"

2. ssl自签名证书

如果要免费的,需要在Lets encrypt上去申请。
这里按照博客使用自签名证书。

openssl req -x509 -nodes -days 365 -newkey rsa:2048 cert.key -out cert.crt

3. nginx反向代理配置

示意图
在这里插入图片描述

在客户端上修改hosts配置文件,这步主要是为了将想用的域名给对上内网的IP。

192.168.100.128 www.sina.com.cn
192.168.100.128 www.sohu.com

之后就是在proxy上安装一个nginx,配置如下代理文件


#user  nobody;
worker_processes  1;#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;#pid        logs/nginx.pid;events {worker_connections  1024;
}http {include       mime.types;default_type  application/octet-stream;#log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '#                  '$status $body_bytes_sent "$http_referer" '#                  '"$http_user_agent" "$http_x_forwarded_for"';#access_log  logs/access.log  main;sendfile        on;#tcp_nopush     on;#keepalive_timeout  0;keepalive_timeout  65;#gzip  on;upstream sina {server 192.168.100.129:80 weight=1;   server 192.168.100.129:82 weight=2;
}server {listen 80;server_name www.sina.com.cn;location / {proxy_pass http://sina;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;proxy_connect_timeout 60s;proxy_read_timeout 600s;proxy_send_timeout 600s;}}upstream sohu {server 192.168.100.129:81;    
}server {listen       80;server_name  www.sohu.com;#charset koi8-r;#access_log  logs/host.access.log  main;location / {proxy_pass http://192.168.100.129:81;# 以下为常用代理参数配置proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;proxy_connect_timeout 60s;proxy_read_timeout 600s;proxy_send_timeout 600s;}#error_page  404              /404.html;# redirect server error pages to the static page /50x.html#error_page   500 502 503 504  /50x.html;location = /50x.html {root   html;}}}

real server上安装3个nginx, 只需要将监听的端口稍微改一个就好了。

4. nginx负载均衡配置

负载均衡的配置其实很简单。。。

   upstream sina {server 192.168.100.129:80 weight=1;   server 192.168.100.129:82 weight=2;}server {listen 80;server_name www.sina.com.cn;location / {proxy_pass http://sina;proxy_set_header Host $host;proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;proxy_connect_timeout 60s;proxy_read_timeout 600s;proxy_send_timeout 600s;}}

3. 参考

ngx-r-proxy-csdn
multi-ngx
ngx-r-proxy-aliyun
ngx-load-balance

ssl-ngx-proxy
openssl-sign-cnblog

http://www.lryc.cn/news/2401050.html

相关文章:

  • c++ QicsTable使用实例
  • 在WordPress上添加隐私政策页面
  • 二维 根据矩阵变换计算镜像旋转角度
  • 你工作中涉及的安全方面的测试有哪些怎么回答
  • 阿里云ACP云计算备考笔记 (3)——云服务器ECS
  • Eigen实现非线性最小二乘拟合 + Gauss-Newton算法
  • 区块链技术:原理、应用与发展趋势
  • 从零开始:用Tkinter打造你的第一个Python桌面应用
  • Web开发主流前后端框架总结
  • Java Spring Boot 自定义注解详解与实践
  • GlobalSign、DigiCert、Sectigo三种SSL安全证书有什么区别?
  • 力扣面试150题--二叉搜索树中第k小的元素
  • SQL Server Agent 不可用怎么办?
  • css-塞贝尔曲线
  • Java并发编程哲学系列汇总
  • docker使用proxy拉取镜像
  • 服务端定时器的学习(一)
  • 【前端】vue 防抖和节流
  • Modbus转EtherNET IP网关开启节能改造新范式
  • Android高级开发第四篇 - JNI性能优化技巧和高级调试方法
  • 【PCB工艺】绘制原理图 + PCB设计大纲:最小核心板STM32F103ZET6
  • C#入门学习笔记 #7(传值/引用/输出/数组/具名/可选参数、扩展方法(this参数))
  • 【DeepSeek】【Dify】:用 Dify 对话流+标题关键词注入,让 RAG 准确率飞跃
  • DELETE 与 TRUNCATE、DROP 的区别
  • yFiles:专业级图可视化终极解决方案
  • VSCode 工作区配置文件通用模板创建脚本
  • echarts显示/隐藏标签的同时,始终显示饼图中间文字
  • 【Spring AI】调用 DeepSeek 实现问答聊天
  • Java消息队列与安全实战:谢飞机的烧饼摊故事
  • parquet :开源的列式存储文件格式