我遇到的问题是,我的rails日志中显示的唯一IP地址是127.0.0.1,看来远程ip没有通过代理。我不确定我失踪了什么。 Nginx是在一个omnibus包中自定义编译的。我也有下面的构建脚本。如果有人能给我一些非常感激的见解。
Nginx Build Recipe:
name "nginx"
default_version "1.9.10"
dependency "pcre"
dependency "openssl"
source url: "http://nginx.org/download/nginx-#{version}.tar.gz",
md5: "64cc970988356a5e0fc4fcd1ab84fe57"
relative_path "nginx-#{version}"
build do
command ["./configure",
"--prefix=#{install_dir}/embedded",
"--with-http_ssl_module",
"--with-http_stub_status_module",
"--with-http_gzip_static_module",
"--with-http_v2_module",
"--with-http_realip_module",
"--with-ipv6",
"--with-debug",
"--with-ld-opt=-L#{install_dir}/embedded/lib",
"--with-cc-opt=\"-L#{install_dir}/embedded/lib -I#{install_dir}/embedded/include\""].join(" ")
command "make -j #{workers}", :env => {"LD_RUN_PATH" => "#{install_dir}/embedded/lib"}
command "make install"
end
Nginx配置:
user smart-mobile smart-mobile;
worker_processes 1;
error_log stderr;
pid nginx.pid;
daemon off;
events {
worker_connections 10240;
}
http {
#log_format combined '$remote_addr - $remote_user [$time_local] '
# '"$request" $status $body_bytes_sent '
# '"$http_referer" "$http_user_agent"';
#
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json;
proxy_cache_path proxy_cache keys_zone=smart-mobile:10m max_size=1g levels=1:2;
proxy_cache smart-mobile;
include /opt/smart-mobile/embedded/conf/mime.types;
include /var/opt/smart-mobile/nginx/conf/smart-mobile.conf;
}
Nginx站点配置:
upstream smart_mobile {
server unix:/var/opt/smart-mobile/puma/puma.socket;
}
server {
listen 80;
server_name 10.10.20.108;
access_log /var/log/smart-mobile/nginx/smart-mobile-http.access.log;
error_log /var/log/smart-mobile/nginx/smart-mobile-http.error.log;
root /opt/smart-mobile/embedded/smart-mobile-rails/public;
index index.html;
## Real IP Module Config
## http://nginx.org/en/docs/http/ngx_http_realip_module.html
location / {
if (-f /opt/smart-mobile/embedded/smart-mobile-rails/tmp/maintenance.enable) {
return 503;
}
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
try_files $uri $uri/index.html $uri.html @ruby;
}
location @ruby {
proxy_pass http://smart_mobile;
}
error_page 404 /404.html;
error_page 402 /402.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 @maintenance;
location @maintenance {
if ($uri !~ ^/icos/) {
rewrite ^(.*)$ /503.html break;
}
}
}
Puma Config:
directory '/opt/smart-mobile/embedded/smart-mobile-rails'
threads 2,4
bind 'unix:///var/opt/smart-mobile/puma/puma.socket'
pidfile '/var/opt/smart-mobile/puma/puma.pid'
preload_app!
on_worker_boot do
ActiveSupport.on_load(:active_record) do
ActiveRecord::Base.establish_connection
end
end
before_fork do
ActiveRecord::Base.connection_pool.disconnect!
end
答案 0 :(得分:1)
这是我自己的错,我在try_files之前拥有了所有的proxy_set_headers。我将proxy_set_header指令移动到@ruby位置块并删除了X-Real-IP头。现在一切正常,感谢您的所有投入。
答案 1 :(得分:0)
这对我有用(puma 3.4.0):
# Serve static content if a corresponding file exists.
location / {
try_files $uri @proxy;
# NOTE: Parameters below apply ONLY for static files that match.
expires max;
add_header Cache-Control "public";
add_header By-Nginx "yes"; # DEBUG
}
# Serve dynamic content from the backend.
location @proxy {
proxy_pass http://backend_for_www.site.com;
proxy_pass_request_headers on;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
X-Forwarded-For的培训。
一旦它正确通过,Puma应该把它连接起来。
不需要在Puma端配置。request.headers["REMOTE_ADDR"]将保留"127.0.0.1",无论您多努力,这都不会改变。X-Real-IP 不会影响日志记录问题。
基本上,您可以在Puma配置文件中使用set_remote_address header: "X-Real-IP"来设置此标头中的“连接的远程地址”。
但是Puma本身并没有朝那个方向看,我不知道其他任何软件。记录在此:http://www.rubydoc.info/gems/puma/3.2.0/Puma%2FDSL%3Aset_remote_address。