我一直在尝试寻找一种解决方案,即在外部监听端口 443,并希望将结果传递到两个唯一的内部端口 (80/90)。我研究了许多选项,但它们似乎都侧重于多个唯一的面向外部的端口,以将流量重新路由到相应的内部端口。似乎 Streams 可能是答案,但我不确定如何让这一切发挥作用 -https://docs.nginx.com/nginx/admin-guide/load-balancer/tcp-udp-load-balancer/
这是我现有的 Nginx 配置:
server {
# ssl
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name pixelstreaming.mobiusnode.io;
location / {
#http trafic
proxy_pass https://192.168.86.77;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#ws support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
server_tokens off;
}
ssl_certificate /etc/letsencrypt/live/pixelstreaming.mobiusnode.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/pixelstreaming.mobiusnode.io/privkey.pem;
}
server {
if ($host = pixelstreaming.mobiusnode.io) {
return 301 https://$host$request_uri;
}
listen 80;
listen [::]:80;
server_name pixelstreaming.mobiusnode.io;
return 404;
}
我正在尝试做类似下面显示的代码的事情,但我知道这会出现问题,因为我不确定 Nginx 如何确定端口 443 上的请求如何在内部定向到端口 80 或 90。
server {
# ssl
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name pixelstreaming.mobiusnode.io;
location / {
#http trafic
proxy_pass https://192.168.86.77;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#ws support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
server_tokens off;
}
ssl_certificate /etc/letsencrypt/live/pixelstreaming.mobiusnode.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/pixelstreaming.mobiusnode.io/privkey.pem;
}
server {
# ssl
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name pixelstreaming.mobiusnode.io;
location / {
#http trafic
proxy_pass https://192.168.86.77:90;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#ws support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
server_tokens off;
}
ssl_certificate /etc/letsencrypt/live/pixelstreaming.mobiusnode.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/pixelstreaming.mobiusnode.io/privkey.pem;
}
server {
if ($host = pixelstreaming.mobiusnode.io) {
return 301 https://$host$request_uri;
}
listen 80;
listen [::]:80;
server_name pixelstreaming.mobiusnode.io;
return 404;
}
一定有更好的方法,我希望在这些论坛上能找到一些帮助。也许是上述元素的组合。