
How do I configure Nginx as a forward proxy server?

  •  0
  • devops-admin  · Tech Community  · 11 months ago


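    We have a requirement: we want to send all outbound traffic from a VM through an Nginx server.

    We are using the following configuration on the nginx server to implement this scenario.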

    
    events {
        worker_connections  1024;
    }
    
    http {
        resolver 8.8.8.8;  # Google's DNS IP address for resolution
    
        server {
            listen 443 ssl;
            server_name test-nginxproxyserver.com; # this is my nginx server domain name.
    
    
            ssl_certificate /etc/nginx/nginx.crt;  # Path to your SSL certificate
            ssl_certificate_key /etc/nginx/nginx.key;  # Path to your SSL certificate key
            ssl_protocols TLSv1.2;
            ssl_ciphers HIGH:!aNULL:!MD5;
    
            location / {
                proxy_pass https://$host$request_uri;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_ssl_server_name on;
                proxy_ssl_verify off;
                proxy_ssl_session_reuse on;
            }
        }
    }
    
    
    
    
    

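    Now, on the client VM we have disabled all outbound requests and only allow outbound requests on port 443 to the nginx server's domain name (test-nginxproxyserver.com) or IP.

    We have exported the following variables on the client VM: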

    export http_proxy=http://test-nginxproxyserver.com:443
    export https_proxy=https://test-nginxproxyserver.com:443
    
    

    and ran the following command to test the setup:

    curl -x https://test-nginxproxyserver.com:443 https://google.com/
    

    But it throws the following error message:

    curl: (56) CONNECT tunnel failed, response 400
    

    We also tried to test the setup with the apt update command, after adding the following parameters to the /etc/apt/apt.conf file.

    Acquire::http::Proxy "http://test-nginxproxyserver.com:443/";
    Acquire::https::Proxy "https://test-nginxproxyserver.com:443/";
    

    But for this test as well, it throws these error messages:

    root@Nginx-Client-VM:~# apt update
    Ign:1 https://mirror.hetzner.com/ubuntu/packages noble InRelease
    Ign:2 https://mirror.hetzner.com/ubuntu/packages noble-updates InRelease
    Ign:3 https://mirror.hetzner.com/ubuntu/packages noble-backports InRelease
    Ign:4 https://mirror.hetzner.com/ubuntu/security noble-security InRelease
    Ign:1 https://mirror.hetzner.com/ubuntu/packages noble InRelease
    Ign:2 https://mirror.hetzner.com/ubuntu/packages noble-updates InRelease
    Ign:3 https://mirror.hetzner.com/ubuntu/packages noble-backports InRelease
    Ign:4 https://mirror.hetzner.com/ubuntu/security noble-security InRelease
    Ign:1 https://mirror.hetzner.com/ubuntu/packages noble InRelease
    Ign:2 https://mirror.hetzner.com/ubuntu/packages noble-updates InRelease
    Ign:3 https://mirror.hetzner.com/ubuntu/packages noble-backports InRelease
    Ign:4 https://mirror.hetzner.com/ubuntu/security noble-security InRelease
    Err:1 https://mirror.hetzner.com/ubuntu/packages noble InRelease
      Invalid response from proxy: HTTP/1.1 400 Bad Request  Server: nginx/1.24.0 (Ubuntu)  Date: Tue, 02 Jul 2024 16:28:07 GMT  Content-Type: text/html  Content-Length: 166  Connection: close     [IP: xx.xx.xx.xx 443]
    Err:2 https://mirror.hetzner.com/ubuntu/packages noble-updates InRelease
      Invalid response from proxy: HTTP/1.1 400 Bad Request  Server: nginx/1.24.0 (Ubuntu)  Date: Tue, 02 Jul 2024 16:28:07 GMT  Content-Type: text/html  Content-Length: 166  Connection: close     [IP: xx.xx.xx.xx 443]
    Err:3 https://mirror.hetzner.com/ubuntu/packages noble-backports InRelease
      Invalid response from proxy: HTTP/1.1 400 Bad Request  Server: nginx/1.24.0 (Ubuntu)  Date: Tue, 02 Jul 2024 16:28:07 GMT  Content-Type: text/html  Content-Length: 166  Connection: close     [IP: xx.xx.xx.xx 443]
    Err:4 https://mirror.hetzner.com/ubuntu/security noble-security InRelease
      Invalid response from proxy: HTTP/1.1 400 Bad Request  Server: nginx/1.24.0 (Ubuntu)  Date: Tue, 02 Jul 2024 16:28:07 GMT  Content-Type: text/html  Content-Length: 166  Connection: close     [IP: xx.xx.xx.xx 443]
    Reading package lists... Done
    Building dependency tree... Done
    Reading state information... Done
    50 packages can be upgraded. Run 'apt list --upgradable' to see them.
    W: Failed to fetch https://mirror.hetzner.com/ubuntu/packages/dists/noble/InRelease  Invalid response from proxy: HTTP/1.1 400 Bad Request  Server: nginx/1.24.0 (Ubuntu)  Date: Tue, 02 Jul 2024 16:28:07 GMT  Content-Type: text/html  Content-Length: 166  Connection: close     [IP: xx.xx.xx.xx 443]
    W: Failed to fetch https://mirror.hetzner.com/ubuntu/packages/dists/noble-updates/InRelease  Invalid response from proxy: HTTP/1.1 400 Bad Request  Server: nginx/1.24.0 (Ubuntu)  Date: Tue, 02 Jul 2024 16:28:07 GMT  Content-Type: text/html  Content-Length: 166  Connection: close     [IP: xx.xx.xx.xx 443]
    W: Failed to fetch https://mirror.hetzner.com/ubuntu/packages/dists/noble-backports/InRelease  Invalid response from proxy: HTTP/1.1 400 Bad Request  Server: nginx/1.24.0 (Ubuntu)  Date: Tue, 02 Jul 2024 16:28:07 GMT  Content-Type: text/html  Content-Length: 166  Connection: close     [IP: xx.xx.xx.xx 443]
    W: Failed to fetch https://mirror.hetzner.com/ubuntu/security/dists/noble-security/InRelease  Invalid response from proxy: HTTP/1.1 400 Bad Request  Server: nginx/1.24.0 (Ubuntu)  Date: Tue, 02 Jul 2024 16:28:07 GMT  Content-Type: text/html  Content-Length: 166  Connection: close     [IP: xx.xx.xx.xx 443]
    W: Some index files failed to download. They have been ignored, or old ones used instead.
    
    

    So, how can we configure the nginx server to send all of the VM's outbound traffic through it?

    0 replies  |  as of 11 months ago
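
The proxy exchange behind the 400 in the question above, as an added example that is not part of the original post: for an `https://` URL the client asks the proxy for a tunnel with `CONNECT host:port`, a request-target with no path, and the stock nginx `http` module (the post shows nginx/1.24.0) has no CONNECT handling, so a `location / { proxy_pass ...; }` block never gets to serve it. The function names are hypothetical, `http://example.com/index.html` and the sample reply are constructed, and `served_by_location_block` is a simplified model, not nginx's parser.

```python
from urllib.parse import urlsplit

def first_proxy_request(target_url: str) -> str:
    """First request a client sends to a forward proxy for target_url."""
    u = urlsplit(target_url)
    if u.scheme == "https":
        # TLS to the origin stays end to end, so the client asks for a tunnel.
        authority = f"{u.hostname}:{u.port or 443}"
        return f"CONNECT {authority} HTTP/1.1\r\nHost: {authority}\r\n\r\n"
    if u.scheme == "http":
        # Plain HTTP is sent to the proxy with an absolute-form target.
        return f"GET {target_url} HTTP/1.1\r\nHost: {u.netloc}\r\n\r\n"
    raise ValueError(f"unsupported scheme: {u.scheme!r}")

def target_form(request: str) -> str:
    """Classify the request-target (RFC 9112, section 3.2)."""
    method, target, _version = request.split("\r\n", 1)[0].split(" ")
    if method == "CONNECT":
        return "authority-form"
    if target == "*":
        return "asterisk-form"
    if target.startswith("/"):
        return "origin-form"
    if "://" in target:
        return "absolute-form"
    return "invalid"

def served_by_location_block(request: str) -> bool:
    """Simplified model (assumption): location matching needs a URI path,
    which only origin-form and absolute-form targets carry."""
    return target_form(request) in ("origin-form", "absolute-form")

def tunnel_established(proxy_response: str) -> bool:
    """A client treats only a 2xx reply to CONNECT as an open tunnel."""
    status = proxy_response.split("\r\n", 1)[0].split(" ", 2)[1]
    return status.isdigit() and 200 <= int(status) < 300

# Constructed sample, using the status line shown in the apt output above.
SAMPLE_PROXY_REPLY = "HTTP/1.1 400 Bad Request\r\nConnection: close\r\n\r\n"

if __name__ == "__main__":
    # The first URL is the one from the curl test; the second is constructed.
    for url in ("https://google.com/", "http://example.com/index.html"):
        req = first_proxy_request(url)
        print(req.splitlines()[0], "|", target_form(req),
              "| location block can serve:", served_by_location_block(req))
    print("tunnel open:", tunnel_established(SAMPLE_PROXY_REPLY))
```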