我正在尝试使用 Nginx 设置 VMware UAG 负载平衡。我一直收到此错误,
nginx: [emerg] "stream" directive is not allowed here.
我不确定我做错了什么。我绝不是一名开发人员,所以请原谅我的无知。提前致谢 以下是我的配置:
stream {
upstream vdi_ssl {
hash $remote_addr;
server uag-01.example.com:443;
server uag-02.example.com:443 down;
}
upstream vdi_pcoip {
hash $remote_addr;
server uag-01.example.com:4172;
server uag-02.example.com:4172 down;
}
server {
listen 10.4.44.2:443 ssl;
ssl_certificate /etc/ssl/certs/*.pem;
ssl_certificate_key /etc/ssl/private/*.pem;
proxy_pass vdi_ssl;
proxy_ssl on;
proxy_ssl_protocols TLSv1.2 TLSv1.3;
proxy_ssl_session_reuse on;
proxy_ssl_certificate /etc/ssl/certs/*.pem;
proxy_ssl_certificate_key /etc/ssl/private/*.pem;
proxy_timeout 20m;
health_check;
}
server {
listen 10.4.44.2:4172;
proxy_pass vdi_pcoip;
proxy_timeout 20m;
health_check port=443;
}
server {
listen 10.4.44.2:4172 udp;
proxy_pass vdi_pcoip;
proxy_timeout 20m;
}
}
#HTTP Block
# To Load Balancer on Outside IP
server {
if ($host = loadbalancer.example.com) {
return 301 https://$host$request_uri;
}
listen 80;
server_name loadbalancer.example.com;
#set client body size to 10m#
client_max_body_size 10m;
# Don't allow pages to be rendered in an iframe on external domains.
add_header X-Frame-Options "SAMEORIGIN";
# MIME sniffing prevention
add_header X-Content-Type-Options "nosniff";
# Enable cross-site scripting filter in supported browsers.
add_header X-Xss-Protection "1; mode=block";
# Prevent access to hidden files
location ~* /\.(?!well-known\/) {
deny all;
}
# Prevent access to certain file extensions
location ~\.(ini|log|conf)$ {
deny all;
}
return 404; # managed by Certbot
}
server {
listen 443 ssl; server_name loadbalancer.example.com;
access_log /var/log/nginx/loadbalancer.example.com/access.log;
error_log /var/log/nginx/loadbalancer.example.com/error.log;
location / {
proxy_pass https://loadbalancer.example.com:443; #My Horizon UAG
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 16k;
proxy_buffers 32 16k;
proxy_busy_buffers_size 64k;
}
ssl_certificate /etc/letsencrypt/live/loadbalancer.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/loadbalancer.example.com/privkey.pem; # managed by certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}