nginx 代理上网配置
因需要,用一台服务器做代理给其它服务器 上网。http 用的是7层代理,https用的是4层代理
1 user root; 2 worker_rlimit_nofile 1000000; 3 worker_processes auto; 4 5 pid logs/nginx.pid; 6 7 events { 8 use epoll; 9 worker_connections 16384; 10 } 11 http { 12 include mime.types; 13 default_type application/octet-stream; 14 15 log_format commlog '$remote_addr - $remote_user [$time_local] "$request" - "$request_body"'; 16 17 sendfile on; 18 19 keepalive_timeout 65; 20 21 server { 22 resolver 114.114.114.114; #指定DNS服务器IP地址 23 listen 80; 24 location / { 25 proxy_pass http://$host$request_uri; #设定代理服务器的协议和地址 26 proxy_buffers 256 4k; 27 proxy_max_temp_file_size 0k; 28 proxy_connect_timeout 30; 29 proxy_send_timeout 60; 30 proxy_read_timeout 60; 31 proxy_next_upstream error timeout invalid_header http_502; 32 } 33 } 34 } 35 36 stream { #stram模块 和http模块是一同等级;做四层代理时需要添加上这个模块; 37 log_format proxy '$proxy_protocol_addr $remote_addr [$time_local]' 38 '$protocol "$status" $bytes_sent $bytes_received' 39 ' "$upstream_addr" "$session_time" "$upstream_connect_time" "$ssl_preread_server_name" "$server_addr"'; 40 access_log logs/aaa.log proxy; 41 open_log_file_cache off; 42 43 resolver 223.5.5.5 119.29.29.29 valid=3m; 44 45 server { 46 listen 80; #8811端口将以4层TCP协议方式转发至后端nginx_sever; 47 proxy_pass $server_addr:$server_port; 48 proxy_connect_timeout 15s; 49 proxy_timeout 15s; 50 proxy_next_upstream_timeout 15s; 51 } 52 server { 53 listen 443; #8811端口将以4层TCP协议方式转发至后端nginx_sever; 54 ssl_preread on; 55 proxy_pass $ssl_preread_server_name:$server_port; 56 proxy_connect_timeout 15s; 57 proxy_timeout 15s; 58 proxy_next_upstream_timeout 15s; 59 } 60 61 }