Nginx处理链式proxy_pass中的端口

时间:2019-02-27 10:42:59

标签: apache nginx nginx-reverse-proxy ssh-tunnel

自1天以来,我一直在为此而苦苦挣扎,来回尝试,不知道如何解决,因为我对nginx相当陌生。

以下情况:我的网站负载在nginx后面保持平衡,到目前为止,我只能通过SSH隧道进行访问。因为当我在URL中有端口时,此隧道背后的Web框架似乎很挣扎,所以我的想法是安装一个本地nginx,该Nginx重写URL以忽略隧道的端口。这样就可以了:

本地nginx(端口80)->隧道->远程nginx(端口443)-> nginx上游(端口9002和9003)->网站(在Apache上)

但是问题来了:每当我从网站上的Google OAuth重定向回时,我都会得到另一个301到:9002或:9003,这在本地显然是错误的,因为这些端口永远都不应暴露。我应该停留在:80。

我的配置

(本地)nginx配置

server {
listen 80;
  server_name <domain>;

  location / {
    proxy_pass https://<host-with-tunnel>:2226;

    proxy_redirect          off;
    proxy_set_header        Host $http_host;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Host $host;
    proxy_set_header        X-Forwarded-Proto $scheme;

    client_max_body_size    10m;
    client_body_buffer_size 128k;
    proxy_connect_timeout   90;
    proxy_send_timeout      90;
    proxy_read_timeout      90;
    proxy_buffers           32 4k;
  }
}

(远程)nginx站点配置

upstream myself {
    server 127.0.0.2:9002;
    server 127.0.0.3:9003;
}

server {
    listen 443 default_server ssl;
    listen [::]:443 default_server ssl;

    ...

    location ~ ^/[a-z]+/public {
            proxy_pass      http://myself;
            include /etc/nginx/proxy.conf;
    }

    proxy_next_upstream error timeout http_503 http_502 http_500 http_404 http_403;
}

server {
    listen 127.0.0.2:9002;

    location /app/public/ {
            proxy_pass http://127.0.0.1/app_a/public/;
            include /etc/nginx/proxy.conf;
    }
}

server {
    listen 127.0.0.3:9003;

    location /app/public/ {
            proxy_pass http://127.0.0.1/app_b/public/;
            include /etc/nginx/proxy.conf;
    }
}

(远程)/etc/nginx/proxy.conf

proxy_redirect          off;
proxy_set_header        Host $http_host;
proxy_set_header        X-Real-IP $remote_addr;
proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header        X-Forwarded-Host $host;

client_max_body_size    10m;
client_body_buffer_size 128k;
proxy_connect_timeout   90;
proxy_send_timeout      90;
proxy_read_timeout      90;
proxy_buffers           32 4k;

提前感谢您的时间和精力!

0 个答案:

没有答案