Nginx搭建笔记

由于应用在内网环境，不能直接访问外网，而需求是应用需要重定向到外网环境的登陆二维码进行扫码登陆，在处理页面重定向时是由客户端发起请求，因此应用不能直接完成该操作，需要做转发处理，这里使用nginx来进行正向代理实现该功能。

nginx配置如下

#user nobody;
worker_processes 1;

#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid logs/nginx.pid;


events {
    worker_connections 1024;
}


http {
    include mime.types;
    default_type application/octet-stream;

    #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
    # '$status $body_bytes_sent "$http_referer" '
    # '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log logs/access.log main;

    sendfile on;
    #tcp_nopush on;

    #keepalive_timeout 0;
    keepalive_timeout 65;

    #gzip on;

    #server {
    # listen 80;
    # server_name localhost;
    #
    # #charset koi8-r;
    #
    # #access_log logs/host.access.log main;
    #
    # location / {
    # root html;
    # index index.html index.htm;
    # }
    #
    # #error_page 404 /404.html;
    #
    # # redirect server error pages to the static page /50x.html
    # #
    # error_page 500 502 503 504 /50x.html;
    # location = /50x.html {
    # root html;
    # }
    #
    # # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    # #
    # #location ~ \.php$ {
    # # proxy_pass http://127.0.0.1;
    # #}
    #
    # # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    # #
    # #location ~ \.php$ {
    # # root html;
    # # fastcgi_pass 127.0.0.1:9000;
    # # fastcgi_index index.php;
    # # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
    # # include fastcgi_params;
    # #}
    #
    # # deny access to .htaccess files, if Apache's document root
    # # concurs with nginx's one
    # #
    # #location ~ /\.ht {
    # # deny all;
    # #}
    #}


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    #server {
    # listen 8000;
    # listen somename:8080;
    # server_name somename alias another.alias;

    # location / {
    # root html;
    # index index.html index.htm;
    # }
    #}


    # HTTPS server
    #
    #server {
    # listen 443 ssl;
    # server_name localhost;

    # ssl_certificate cert.pem;
    # ssl_certificate_key cert.key;

    # ssl_session_cache shared:SSL:1m;
    # ssl_session_timeout 5m;

    # ssl_ciphers HIGH:!aNULL:!MD5;
    # ssl_prefer_server_ciphers on;

    # location / {
    # root html;
    # index index.html index.htm;
    # }
    #}
    
    #HTTP
    server{
        resolver 8.8.8.8;
        #access_log /data/logs/nginx/access_proxy.log main;
        listen 80;
        location / {
            root html;
            index index.html index.htm;
            proxy_pass $scheme://$host$request_uri;
            proxy_set_header HOST $http_host;
            proxy_buffers 256 4k;
            proxy_max_temp_file_size 0k; 
            proxy_connect_timeout 30;
            proxy_send_timeout 60;
            proxy_read_timeout 60;
            proxy_next_upstream error timeout invalid_header http_502;
        }
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
    }

    #HTTPS
    server{
        resolver 8.8.8.8;
        #access_log /data/logs/nginx/access_proxy.log main;
        listen 443;
        location / {
            #proxy_pass https://$host$request_uri;
            proxy_pass https://xxxx.cn;
            proxy_buffers 256 4k;
            proxy_max_temp_file_size 0k; 
            proxy_connect_timeout 30;
            proxy_send_timeout 60;
            proxy_read_timeout 60;
            proxy_next_upstream error timeout invalid_header http_502;
        }
    }  
}