Nginx反向代理是一种强大的功能,允许你将客户端请求转发到后端服务器,隐藏后端服务器的真实信息,并提供负载均衡等功能。以下是配置Nginx作为反向代理的详细步骤:
安装Nginx
# Ubuntu/Debian
sudo apt update
sudo apt install nginx
# CentOS/RHEL
sudo yum install epel-release
sudo yum install nginx
基本反向代理配置示例
在/etc/nginx/conf.d/或/etc/nginx/sites-available/中创建一个新的配置文件(如reverse-proxy.conf):
server {
listen 80;
server_name yourdomain.com;
location / {
proxy_pass http://backend-server-ip:backend-port;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
负载均衡
upstream backend {
server backend1.example.com weight=5;
server backend2.example.com;
server backend3.example.com backup;
}
server {
location / {
proxy_pass http://backend;
}
}
WebSocket支持
location /wsapp/ {
proxy_pass http://wsbackend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
SSL终止
server {
listen 443 ssl;
server_name yourdomain.com;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location / {
proxy_pass http://backend-server;
# 其他代理设置...
}
}
缓存配置
proxy_cache_path /path/to/cache levels=1:2 keys_zone=my_cache:10m inactive=60m use_temp_path=off;
server {
location / {
proxy_cache my_cache;
proxy_pass http://backend;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
}
}
502 Bad Gateway错误
nginx
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
send_timeout 600;413 Request Entity Too Large
client_max_body_size 100M;
启用Gzip压缩
gzip on;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
测试配置语法:
sudo nginx -t
重载Nginx配置:
sudo systemctl reload nginx
# 或
sudo service nginx reload
通过以上配置,你可以实现一个功能完善的Nginx反向代理服务器,根据实际需求调整各项参数即可。