我的配置文件中有多个上游,端口不同。我想在服务器上的单个 IP 内设置 prd.domain.com 和 qas.domain.com。我检查我的 DNS 已重命名。在 prd.domain.com 上已成功实施,但当我访问 qas 时,我仍然需要使用 IP 和端口,请帮忙
upstream server_prd{
server 127.0.0.1:8000;
keepalive 64;
}
upstream server_qas{
server 127.0.0.1:8010;
keepalive 64;
}
server {
listen 8010 ssl;
server_name 127.0.0.1;
ssl_certificate "/etc/nginx/ssl/domain.crt";
ssl_certificate_key "/etc/nginx/ssl/domain.key";
include common_https.conf;
include /etc/nginx/default.d/*.conf;
error_log /var/log/nginx/error.log debug;
location / {
add_header Access-Control-Allow-Origin *;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP- $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $proxy_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://server_qas;
}
}
server {
listen 443 ssl;
server_name prd.domain.com;
ssl_certificate "/etc/nginx/ssl/domain.crt";
ssl_certificate_key "/etc/nginx/ssl/domain.key";
include common_https.conf;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_log /var/log/nginx/error.log debug;
location / {
add_header Access-Control-Allow-Origin *;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP- $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $proxy_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://server_prd;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 443 ssl;
server_name qas.domain.com;
ssl_certificate "/etc/nginx/ssl/domain.crt";
ssl_certificate_key "/etc/nginx/ssl/domain.key";
include common_https.conf;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
error_log /var/log/nginx/error.log debug;
location / {
add_header Access-Control-Allow-Origin *;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP- $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $proxy_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://server_qas;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
但是当我创建每个 ssl 服务器块时,只有一个块从浏览器读取。其他网站始终重定向到服务器名称 http://server_prd
答案1
您的localhost:8010服务器有listen 8010 ssl;指令,这意味着它正在接受 https 连接。
但是,在您的proxy_pass指令中,您将流量指向http://server_qas,即使用 http 协议与上游进行通信。