frps服务端与nginx可共用443端口
转载自: https://www.ioiox.com/archives/78.html
frps服务器上的nginx
frps.ini配置
由于nginx占用80/443端口,frps.ini中的 vhost_http_port 和 vhost_https_port 请更换为其他端口.
subdomain_host 根据需求可选配置泛域名,或者注释删除此参数使用自定义域名.
frpc.ini配置
如果 frps.ini 配置了 subdomain_host 泛域名,那么 frpc.ini 中域名参数需使用 subdomain = xx 仅填写二级域名主机头即可,不要填写完整域名.
如果 frps.ini 没有配置 subdomain_host泛域名,那么 frpc.ini 中域名参数需使用 custom_domains = xx.xxx.com 需填写完整的域名.
nginx配置
- proxy_pass http://127.0.0.1:1234; 中的 HTTP ,请勿写成 HTTPS .
- proxy_pass http://127.0.0.1:1234; 中 1234 端口为 frps 的 HTTP 端口.
- proxy_set_header Host $host:80; 注意需加上80端口,否则会无限循环301跳转,导致网页打不开提示重定向次数过多ERR_TOO_MANY_REDIRECTS.
访问80会跳转到443端口上
server {
listen 80;
server_name www.yourdomain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name www.yourdomain.com;
ssl_certificate /usr/local/nginx/conf/ssl/yourdomain.com.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/yourdomain.com.key;
client_max_body_size 50m;
client_body_buffer_size 256k;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_ignore_client_abort on;
location / {
proxy_pass http://127.0.0.1:1234;
proxy_redirect off;
proxy_set_header Host $host:80;
proxy_ssl_server_name on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
访问80不会跳转到443端口上
server {
listen 80;
server_name www.yourdomain.com;
location / {
proxy_pass http://127.0.0.1:1234;
proxy_redirect http://$host/ http://$http_host/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
}
server {
listen 443 ssl http2;
server_name www.yourdomain.com;
ssl_certificate /www/server/panel/vhost/cert/yourdomain.com/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/yourdomain.com/privkey.pem;
client_max_body_size 50m;
client_body_buffer_size 256k;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_ignore_client_abort on;
location / {
proxy_pass http://127.0.0.1:1234;
proxy_redirect https://$host/ https://$http_host/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ssl_server_name on;
proxy_set_header Host $host;
}
}