我有一个在职的nginx 配置用于将来自一系列源 IP 的所有请求代理到服务器。我目前设置了 20 个源 IP,配置相当庞大。为了简洁起见,我删除了其他 18 个块。
我想知道是否有更简单的方法可以做到这一点。我需要添加 100 个以上的 IP,这样配置会太大。一定有更好的方法!
澄清:我需要请求来自服务器上配置的 100 个随机 IP 地址之一。目标服务器将看到代理请求来自 100 个地址之一。
HAProxy 或其他替代方案是否更适合这类任务?
简化的 nginx 配置:
# nginx proxies all requests to one of these servers
upstream cluster {
# one server line for every server block configured below
server 127.0.0.1:8000;
server 127.0.0.1:8001;
# 18 more...
least_conn;
keepalive 16;
}
# one server block for every source ip address configured
server {
listen 8000;
location / {
proxy_pass https://destination;
# ip address below is one of 20 addresses outgoing requests will bind to
proxy_bind 10.0.0.1;
}
}
server {
listen 8001;
location / {
proxy_pass https://destination;
# ip address below is one of 20 addresses outgoing requests will bind to
proxy_bind 10.0.0.2;
}
}
# 18 more server blocks
# redirect all http traffic to https
server {
listen 80;
listen [::]:80;
return 301 https://$host$request_uri;
}
# proxy requests to upstream, which proxies requests to destination
server {
listen 443 ssl;
listen [::]:443 ssl;
location / {
proxy_pass http://cluster;
proxy_http_version 1.1;
proxy_set_header Connection '';
}
}