nginx+nginx实现多站点反向代理

018330

配置反向代理服务器A

 

第一步

新建前端服务器A反向代理配置文件:reverseproxy.conf
内容如下:

upstream backend {
    server localhost:80;
}
server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.a.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.a.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.a.com a.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.b.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.b.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.b.com b.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.c.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.c.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.c.com c.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.e.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.e.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.e.com e.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.f.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.f.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.f.com f.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
upstream backend {
    server localhost:80;
}

server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.a.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.a.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.a.com a.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.b.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.b.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.b.com b.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.c.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.c.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.c.com c.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.e.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.e.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.e.com e.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.f.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.f.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.f.com f.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
upstream backend {
    server localhost:80;
}

server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.a.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.a.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.a.com a.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.b.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.b.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.b.com b.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.c.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.c.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.c.com c.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.e.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.e.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.e.com e.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /usr/local/nginx/conf/ssl/www.f.com.crt;
    ssl_certificate_key /usr/local/nginx/conf/ssl/www.f.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_buffer_size 1400;
    add_header Strict-Transport-Security max-age=15768000;
    ssl_stapling on;
    ssl_stapling_verify on;
    server_name www.f.com f.com;
    location / {
        proxy_pass https://backend;
        proxy_redirect default;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

将上方 localhost:80 替换成你服务器 ip:端口号 , a.com b.com c.com d.com e.com f.com 分别替换成你的域名

第二步

reverseproxy.conf 上传至服务器 /usr/local/nginx/conf/vhost/ 目录下

第三步

编辑nginx配置文件 /usr/local/nginx/conf/nginx.conf ,在 http{} 内添加下边一行:

vhost/*.conf;
vhost/*.conf;
vhost/*.conf;

反向代理服务器A配置完毕

多站点服务器B配置

nginx正常部署多个站点

站点域名解析

解析域名至反向代理服务器A

测试

ping域名 www.a.com www.b.com www.c.com www.d.com www.e.com www.f.com 查看ip是否是代理服务器A的IP,如果是,那就证明配置成功。如果不是,请对照文章检查配置文件。

© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
图文教程
# SSL# Nginx# IIS# TLS# openssl# Apache# HTTPS# CAA# Tomcat# HPKP
喜欢就支持一下吧
点赞0 分享
I only smile very joy, sorrow will not be see.
我只有笑的很欢,忧伤才不会被看穿
Drixn的头像-软件开发技术分享钻石会员
相关推荐
评论 抢沙发
头像
欢迎您留下宝贵的见解!
提交
头像

昵称

取消
昵称

请填写用户信息:

  • 昵称
  • 邮箱
表情
[aoman][baiyan][bishi][bizui][cahan][ciya][dabing][daku][deyi][doge][fadai][fanu][fendou][ganga][guzhang][haixiu][hanxiao][zuohengheng][zhuakuang][zhouma][zhemo][zhayanjian][zaijian][yun][youhengheng][yiwen][yinxian][xu][xieyanxiao][xiaoku][xiaojiujie][xia][wunai][wozuimei][weixiao][weiqu][tuosai][tu][touxiao][tiaopi][shui][se][saorao][qiudale][qinqin][qiaoda][piezui][penxue][nanguo][liulei][liuhan][lenghan][leiben][kun][kuaikule][ku][koubi][kelian][keai][jingya][jingxi][jingkong][jie][huaixiao][haqian][aini][OK][qiang][quantou][shengli][woshou][gouyin][baoquan][aixin][bangbangtang][xiaoyanger][xigua][hexie][pijiu][lanqiu][juhua][hecai][haobang][caidao][baojin][chi][dan][kulou][shuai][shouqiang][yangtuo][youling]
代码

请输入代码:

确认
图片
快捷回复
谢谢你的分享,我从中学到了很多!
教程很好用,谢谢!
好东西,学习一下!
楼主听话,快到碗里来!
路过一下,我只是来打酱油的!
水帖美如花,养护靠大家!

    暂无评论内容

访问地图

标签云

Apache (17) CAA (16) centos (5) DDNS (6) Debian (4) docker (7) EFI (3) ESXI (4) HPKP (16) HTTPS (17) IIS (17) ikuai (5) Linux (8) macOS (9) N1 (3) Nginx (18) openssl (17) openwrt (5) proxy (7) Python (4) redis (4) ssh (4) SSL (23) TLS (17) Tomcat (16) unraid (26) windows (4) 代理 (6) 写真 (13) 反向代理 (5) 壁纸 (58) 守望先锋 (23) 宝塔 (5) 小米 (5) 小米笔记本 (3) 手绘 (9) 游戏 (35) 爱快 (4) 电影 (6) 美女 (53) 群晖 (6) 证书 (5) 远程访问 (6) 高清 (57) 黑苹果 (9)
默认头像
iKuai+旁路由OpenWrt 开启IPV6-软件开发技术分享
2.6W+人已阅读
iKuai+旁路由OpenWrt 开启IPV6
TOP1
XFX(讯景) RX560 刷写 Bios-软件开发技术分享
XFX(讯景) RX560 刷写 Bios
7年前1.9W+人已阅读
TOP2
用Python做一个漂亮小姐姐词云跳舞视频-软件开发技术分享
用Python做一个漂亮小姐姐词云跳舞视频
4年前1.8W+人已阅读
TOP3
Emby IOS客户端破解方法-软件开发技术分享
密码保护:Emby IOS客户端破解方法
4年前1.4W+人已阅读
TOP4
Unraid 安装 qbittorrent 后打不开 web 界面解决方法-软件开发技术分享
Unraid 安装 qbittorrent 后打不开 web 界面解决方法
5年前1.2W+人已阅读
TOP5
使用Altium Designer导入Altium的brd文件-软件开发技术分享
使用Altium Designer导入Altium的brd文件
7年前9305人已阅读
TOP6
标签云
默认值 (0)黑苹果 (9)黑狼 (1)黑夜传说 (1)黑丝 (1)高清 (57)驱动 (1)香蕉派 (1)饭拍 (0)预览版 (1)面板 (1)需求分析 (0)雷军 (0)零售企业 (0)阿里巴巴 (0)阻力 (0)阵列卡 (2)阴阳师 (1)防火墙 (2)镜像源 (1)