为 rest api 服务器设置代理通行证不起作用

为 rest api 服务器设置代理通行证不起作用

因此,我尝试设置代理传递到端口 30422 上的 rest api,基本上我想要做的是让例如 sub-domain.example.com 链接到同一网络主机上的端口 30422。我在 nginx 上托管网络服务器,并且已经链接了一个域。

我尝试过的是在 cloudflare 上添加我的新子域(我使用 cloudflare 作为保护),然后还在 sites-available 文件夹中创建我的新子域文件并将其符号链接到 sites-enabled 文件夹。

这是我的第一次尝试,但没有成功:

server {
    listen 80;  # Port on which Nginx will listen for incoming requests
    server_name sub-domain.example.com;  # Your domain name or server IP

    location / {
        proxy_pass http://example.com:30422;  # Address of your REST API server
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

然后我尝试在子域上的 vps 本身上使用 curl,但没有成功。然后我尝试使用端口 30422 ping 实际的 vps ip,结果从托管在同一 vps 上的 rest api 返回了所需的响应。

因此我更新了我的 nginx 配置,改为通过 vps ip 和端口作为代理传递:

server {
    listen 80;  # Port on which Nginx will listen for incoming requests
    server_name sub-domain.example.com;  # Your domain name or server IP

    location / {
        proxy_pass http://x.x.x.x:30422;  # Address of your REST API server
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

但结果却没有起到作用。

我也尝试过这种配置,但是无济于事。

server {
    listen 80;
    server_name sub-domain.example.com;
    location / {
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:30422;
        proxy_redirect off;
    }
}

这是我第一次尝试这样做,我只是在努力学习。我寻找过答案,但我尝试过的所有解决方案都不起作用。

编辑:我甚至尝试过禁用 cloudflare 的 https,然后再使用 proxy_set_header。但还是不行。

这是我使用 curl 进行详细输出时获得的输出 (sub-domain.example.com)

*   Trying 104.21.93.82:80...
* TCP_NODELAY set
* Connected to sub-domain.example.com (104.21.93.82) port 80 (#0)
> GET / HTTP/1.1
> Host: sub-domain.example.com
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Mon, 12 Jun 2023 20:40:35 GMT
< Content-Type: application/octet-stream
< Content-Length: 0
< Connection: keep-alive
< CF-Cache-Status: DYNAMIC
< Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bO266eNsXPsKOXRa3nqoNi3wRJPkkYH8a35%2Bvcaq%2B43iQtBIqIk0Lgbf0R8%2BOpCtE6Xc1jYWskuZo6f4XWKa9GRpcCzP5E9NdC6F6kSs9HFLca2uuctXESwAdq%2BO%2FWT9t1EAyuB%2FhRmdGu%2BdWA%3D%3D"}],"group":"cf-nel","max_age":604800}
< NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< Server: cloudflare
< CF-RAY: 7d64e8e85b75414c-LHR
< alt-svc: h3=":443"; ma=86400
<
* Connection #0 to host sub-domain.example.com left intact

编辑 2,由@HBruijn 请求

sudo netstat -tnlp 和 sudo ss -tnlp

[1] 48297
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      29439/nginx: master
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      660/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1377/sshd: /usr/sbi
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      29439/nginx: master
tcp6       0      0 :::80                   :::*                    LISTEN      29439/nginx: master
tcp6       0      0 :::30422                :::*                    LISTEN      13143/node
tcp6       0      0 :::22                   :::*                    LISTEN      1377/sshd: /usr/sbi
tcp6       0      0 :::443                  :::*                    LISTEN      29439/nginx: master
State      Recv-Q     Send-Q           Local Address:Port            Peer Address:Port     Process
LISTEN     0          511                    0.0.0.0:80                   0.0.0.0:*         users:(("nginx",pid=29441,fd=6),("nginx",pid=29440,fd=6),("nginx",pid=29439,fd=6))
LISTEN     0          4096             127.0.0.53%lo:53                   0.0.0.0:*         users:(("systemd-resolve",pid=660,fd=13))
LISTEN     0          128                    0.0.0.0:22                   0.0.0.0:*         users:(("sshd",pid=1377,fd=3))
LISTEN     0          511                    0.0.0.0:443                  0.0.0.0:*         users:(("nginx",pid=29441,fd=8),("nginx",pid=29440,fd=8),("nginx",pid=29439,fd=8))
LISTEN     0          511                       [::]:80                      [::]:*         users:(("nginx",pid=29441,fd=7),("nginx",pid=29440,fd=7),("nginx",pid=29439,fd=7))
LISTEN     0          511                          *:30422                      *:*         users:(("node",pid=13143,fd=19))
LISTEN     0          128                       [::]:22                      [::]:*         users:(("sshd",pid=1377,fd=4))
LISTEN     0          511                       [::]:443                     [::]:*         users:(("nginx",pid=29441,fd=9),("nginx",pid=29440,fd=9),("nginx",pid=29439,fd=9))

在 localhost 和 vps 的 ip 上使用 curl -vv 时

curl -vv http://localhost:30422
*   Trying 127.0.0.1:30422...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 30422 (#0)
> GET / HTTP/1.1
> Host: localhost:30422
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< X-Powered-By: Express
< Content-Type: application/json; charset=utf-8
< Content-Length: 24
< ETag: W/"18-XPDV80vbMk4yY1/PADG4jYM4rSI"
< Date: Tue, 13 Jun 2023 18:37:24 GMT
< Connection: keep-alive
< Keep-Alive: timeout=5
<
* Connection #0 to host localhost left intact
{"error":"Unauthorized"}
curl -vv http://81.xx.xxx.xx:30422
*   Trying 81.xx.xxx.xx:30422...
* TCP_NODELAY set
* Connected to 81.16.176.39 (81.xx.xxx.xx) port 30422 (#0)
> GET / HTTP/1.1
> Host: 81.xx.xxx.xx:30422
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
< X-Powered-By: Express
< Content-Type: application/json; charset=utf-8
< Content-Length: 24
< ETag: W/"18-XPDV80vbMk4yY1/PADG4jYM4rSI"
< Date: Tue, 13 Jun 2023 18:38:20 GMT
< Connection: keep-alive
< Keep-Alive: timeout=5
<
* Connection #0 to host 81.xx.xxx.xx left intact
{"error":"Unauthorized"}

相关内容