我正在尝试将nginx配置为根据请求路径将请求代理到使用不同端口在主机上运行的不同服务器。为了使事情复杂化,我希望所有应用程序都使用ssl。换句话说,我希望nginx执行以下操作:
https://www.example.com/app1 --> http://localhost:8001
https://www.example.com/app2 --> http://localhost:8002
https://www.example.com/app3 --> http://localhost:8003
...
到目前为止我所得到的(不太正常):
# redirecting from http to https
server {
listen 80;
301 https://$host$request_uri;
}
# proxying path to port
server {
listen 443;
ssl_certificate /path/to/cert.pem
ssl_certificate_key /path/to/privkey.pem
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location /app1 {
proxy_pass http://localhost:8001
}
location /app2 {
proxy_pass http://localhost:8002
}
location /app3 {
proxy_pass http://localhost:8003
}
}
最终发生的事情是nginx只公开一个特定的应用程序(首先是那里)。
任何关于我做错事的想法都会受到赞赏。谢谢。
答案 0 :(得分:0)
用以下
替换你的nginc.conf server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443;
root /usr/share/nginx/html;
ssl on;
ssl_certificate /etc/nginx/ssl/demo.com.crt;
ssl_certificate_key /etc/nginx/ssl/demo.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
chunked_transfer_encoding on;
location /app1 {
proxy_pass http://<private-ip>:8001
}
location /app2 {
proxy_pass http://<private-ip>:8002
}
location /app3 {
proxy_pass http://<private-ip>:8003
}
}
将.crt,.kry文件复制到所需的文件夹