No filing local website deployment via two cloud server

1. Prepare hk server ( abbreviated as HK ） and north china server( abbreviated as HB ）.

2. Ngnix irequired by local windows, HB, and HK; Frp required by local windows and HB.

3. The configuration of nginx.conf (/etc/nginx/nginx.conf) file on HK is followed as 

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80;
        listen       [::]:80;
        server_name  www.xxx.com xxx.com;    # your domainname parsering to HK ip

        location / {
#       root         /usr/share/nginx/html;
#       index        index.html index.htm;
        return 301 http://x.xxx.90.22:8080$request_uri;    # HB public ip
        }

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

# Settings for a TLS enabled server.

    server {
        listen       443 ssl http2;
        listen       [::]:443 ssl http2;
        server_name  www.xxx.com xxx.com;    # Same as http setting
        location / {
#        root         /usr/share/nginx/html;
#       index       index.html index.htm;
        return 301 http://x.xxx.90.22$request_uri;
        }
        ssl_certificate "/root/sslkeys/cloudflarecerxxx.pem";        # ssl setting 
        ssl_certificate_key "/root/sslkeys/cloudflarecerxxx.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers PROFILE=SYSTEM;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

}

HK server is forwarding the HTTP/HTTPS request to HB server. After finishing，start the nginx server by 

sudo systemctl start nginx

The configuration of nginx.conf file on hb is followed as 

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        listen       8080;
        listen       [::]:8080;
        server_name www.xxx.com xxx53;    # same as HK nginx.conf

        location / {

        proxy_pass http://x.xxx.90.22:80;    # same as HK nginx.conf, port number noted
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # root         ~/download;
        # index      firework.html;
        }



        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

# Settings for a TLS enabled server.

   server {
       listen       443 ssl http2;
       listen       [::]:443 ssl http2;
       server_name  www.xxx53.com xxx53;    # same as above

       ssl_certificate "/home/mtxl/cloudflaressl/cloudflarecertxxx53.pem";
       ssl_certificate_key "/home/mtxl/cloudflaressl/cloudflarecertxxx53.key";
       ssl_session_cache shared:SSL:1m;
       ssl_session_timeout  10m;
       ssl_ciphers PROFILE=SYSTEM;
       ssl_prefer_server_ciphers on;


    location / {

        # root         ~/download;
        # index      firework.html;
        proxy_pass http://x.xxx.90.22:80;    # same as above
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
 #       root         /usr/share/nginx/html;
       # Load configuration files for the default server block.
       include /etc/nginx/default.d/*.conf;

       error_page 404 /404.html;
           location = /40x.html {
       }

       error_page 500 502 503 504 /50x.html;
           location = /50x.html {
       }
   }

}

HB server is forwarding the HTTP/HTTPS request to local windows server. 

 The configuration of nginx.conf (path/to/nginx.conf) file on local windows is followed as 

worker_processes auto;
worker_rlimit_nofile 51200;
events
{
	worker_connections 51200;
	multi_accept on;
}
http {
		include       mime.types;
		#include luawaf.conf;
		include proxy.conf;
        default_type  application/octet-stream;

        server_names_hash_bucket_size 512;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile   on;
        tcp_nopush on;

        keepalive_timeout 60;

        tcp_nodelay on;

        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 256k;
		fastcgi_intercept_errors on;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.1;
        gzip_comp_level 2;
        gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
        gzip_vary on;
        gzip_proxied   expired no-cache no-store private auth;
        gzip_disable   "MSIE [1-6]\.";

        limit_conn_zone $binary_remote_addr zone=perip:10m;
		limit_conn_zone $server_name zone=perserver:10m;

        server_tokens off;
        access_log off;

    server {
        listen       80;                # set port
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   F:/code/projects/07_firework/scheme2;    # set the html page path
            index  index.html index.htm;
        }
		location /nginx_status {  
        	allow 127.0.0.1;
            deny all;
            stub_status on;  
            access_log  off;  
        }  
    }
    include vhost/*.conf; 
    #加载vhost目录下的虚拟主机配置文件
}

4. Frp, a Intranet penetration tool, frps.toml file on HB is followed by

bindPort = 7000
vhostHTTPPort = 80
auth.method = "token"
auth.token = "xxxxx"

log.to = "./frps.log"
log.level = "info"
log.maxDays = 3

After finishing, start frps by 

frps -c ./frps.toml

, or by custom frps.service

sudo systemctl start frps

frpc.toml on local windows is followed by

serverAddr = "x.xxx.90.22"
serverPort = 7000
auth.method = "token"
auth.token = "xxxxxx"

[[proxies]]
name = "web"
type = "http"
localPort = 80
customDomains = ["x.xxx.90.22"]

After finishing, start frpc. For convenience, wserser.bat script can be followed as

@echo off
setlocal

REM save current directory
set ORIGINAL_PATH=%CD%

REM check cmd parameters
if "%1"=="" goto usage

if /I "%1"=="start" goto start
if /I "%1"=="stop" goto stop
if /I "%1"=="restart" goto restart

:usage
echo Usage: %0 [start|stop|restart]
goto end

:start
REM === Start server ===
cd /d "D:\BtSoft\nginx"
start nginx.exe


cd /d "D:\program\frp_0.54.0"
frpc.exe -c ./frpc.toml
echo Services started.
goto end

:stop
REM === Stop server ===
cd /d "D:\BtSoft\nginx"
REM Trying to stop server
taskkill /f /t /im nginx.exe

cd /d "D:\program\frp_0.54.0"
REM stop frp
taskkill /F /IM frpc.exe
echo Services stopped.
goto end

:restart
REM === Restart ===
call %0 stop
timeout /t 5 /nobreak
call %0 start
echo Services restarted.
goto end

:end
cd /d %ORIGINAL_PATH%
endlocal

Add it to environment variable, and publishing pages by

wserver start