我有以下情况:
- Nginx 服务器,IP 为 xxx.xxx.xxx.xx1
- app1,在 IP xxx.xxx.xxx.xx2:3000 上
- app2,在 IP xxx.xxx.xxx.xx3:5000 上
- app3,在 IP xxx.xxx.xxx.xx4 上
我希望所有应用程序都可以通过 Nginx 访问,如下所示:
- 应用程序1 > xxx.xxx.xxx.xx1/应用程序1/
- 应用程序2 > xxx.xxx.xxx.xx1/应用程序2/
- 应用程序3 > xxx.xxx.xxx.xx1/应用程序3/
所有应用程序都位于同一网络中,并且 IP 都是本地的。这里的最终目标是让所有应用程序都可以通过指向 Nginx 服务器的公共 IP 的域进行访问。但到目前为止,我正尝试让它们在本地 IP 上运行。
我已经尝试了一段时间了,到目前为止,我得到了这个结果:
server {
listen 80;
server_name xxx.xxx.xxx.xx1;
location /app1/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass https://xxx.xxx.xxx.xx2:3000/;
}
location /app2/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass https://xxx.xxx.xxx.xx3:5000/;
}
location /app3/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://xxx.xxx.xxx.xx4/;
}
location / {
rewrite ^/(.*) /app1/$1 last;
}
}
问题是,在这种情况下,我可以通过 xxx.xxx.xxx.xx1/app1/login 访问 app1(只是 xxx.xxx.xxx.xx1/app1/ 不起作用)。由于这是有道理的,我们尝试了几种不同的方法让它们全部可访问,但没有成功。
location ~ ^/(app1|app2|app3)/ {
set $route $1;
rewrite ^/(app1|app2|app3)(/.*)$ $2 break;
proxy_pass http://xxx.xxx.xxx.xx1/$route;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
还有这个:
location / {
rewrite ^/app1/(.*)$ /app1/$1 last;
rewrite ^/app2/(.*)$ /app2/$1 last;
rewrite ^/app3/(.*)$ /app3/$1 last;
proxy_pass http://xxx.xxx.xxx.xx1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ~ ^/(app1|app2|app3)/ {
set $route $1;
rewrite ^/(app1|app2|app3)(/.*)$ $2 break;
proxy_pass http://xxx.xxx.xxx.xx1/$route;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
还有这样的:
server {
listen 80;
server_name 192.168.1.220;
location /app1/ {
rewrite ^/app1/(.*)$ /$1 break;
proxy_pass https://xxx.xxx.xxx.xx2:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /app2/ {
rewrite ^/app2/(.*)$ /$1 break;
proxy_pass https://xxx.xxx.xxx.xx3:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /app3/ {
rewrite ^/app3/(.*)$ /$1 break;
proxy_pass http://xxx.xxx.xxx.xx4;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ~ ^/(app1|app2|app3)/ {
set $route $1;
rewrite ^/(app1|app2|app3)(/.*)$ $2 break;
# Proxy the request to the corresponding backend server
proxy_pass http://xxx.xxx.xxx.xx1/$route;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
return 404;
}
}
有什么想法我在这里做错了什么?
我遇到的另一个问题是,尽管 app1 似乎在 xxx.xxx.xxx.xx1/app1/ 上运行,但应用程序中的每个链接都会重定向到 xxx.xxx.xxx.xx1/new-page/,而不是 xxx.xxx.xxx.xx1/app1/new-page。
有什么想法可以通过 Nginx 而不是通过更改应用程序中的链接来解决这个问题?
答案1
我花了一段时间,但还是完成了。以下是我做的方式,以防其他人需要类似的东西。在本例中,externalapp 和 externalapptest 代表 app3(测试和生产)
server {
listen 443 ssl;
listen [::]:443 ssl;
include snippets/self-signed.conf;
include snippets/ssl-params.conf;
server_name nginx.server.com;
location /app1/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass https://appstests.server.com:3000/;
}
location /app2/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass https://appstests.server.com:5900/;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# X-Forwarded headers
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
# Proxy specific variables
proxy_redirect off;
proxy_read_timeout 60m;
proxy_send_timeout 60m;
proxy_http_version 1.1;
proxy_connect_timeout 5s;
# Add support for websockets
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
add_header X-Frame-Options "SAMEORIGIN";
# proxy_buffering should be on for all but very rare cases
proxy_buffering on;
# proxy_buffers should not exceed 63
proxy_buffers 63 128k;
proxy_buffer_size 128k;
proxy_pass https://externalapptest.server.com;
}
location /internal_authentication/ {
proxy_set_header Host $http_host;
proxy_http_version 1.1;
proxy_set_header Connection '';
proxy_pass https://externalapptest.server.com;
}
location /externalapptest/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# X-Forwarded headers
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
# Proxy specific variables
proxy_redirect off;
proxy_read_timeout 60m;
proxy_send_timeout 60m;
proxy_http_version 1.1;
proxy_connect_timeout 5s;
# Add support for websockets
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# proxy_buffering should be on for all but very rare cases
proxy_buffering on;
# proxy_buffers should not exceed 63
proxy_buffers 63 128k;
proxy_buffer_size 128k;
proxy_pass https://externalapptest.server.com;
}
location /externalapptest/internal_authentication/ {
proxy_set_header Host $http_host;
proxy_http_version 1.1;
proxy_set_header Connection '';
proxy_pass https://externalapptest.server.com;
}
location /externalapp/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# X-Forwarded headers
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
# Proxy specific variables
proxy_redirect off;
proxy_read_timeout 60m;
proxy_send_timeout 60m;
proxy_http_version 1.1;
proxy_connect_timeout 5s;
# Add support for websockets
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# proxy_buffering should be on for all but very rare cases
proxy_buffering on;
# proxy_buffers should not exceed 63
proxy_buffers 63 128k;
proxy_buffer_size 128k;
proxy_pass https://externalapp.server.com;
}
location /externalapp/internal_authentication/ {
proxy_set_header Host $http_host;
proxy_http_version 1.1;
proxy_set_header Connection '';
proxy_pass https://externalapp.server.com;
}
}