A universal nginx interface to achieve reverse proxy configuration
- 2020-05-15 03:37:52
- OfStack
1. What is a proxy server
Proxy server: when the client sends a request, it will not send it directly to the destination host, but first to the proxy server. After the proxy service accepts the client's request, it will send it to the host and receive the data returned by the destination host, which will be stored in the hard disk of the proxy server and then sent to the client.
2. Why use a proxy server
1) improve access speed
Since the data returned by the target host will be stored in the hard disk of the proxy server, the next time the client visits the same site data, it will be read directly from the hard disk of the proxy server, playing the role of caching, especially for popular sites can significantly improve the request speed.
2) firewall effect
Because all client requests must access the remote site through the proxy server, you can restrict access to the proxy server to filter out some insecure information.
3) access the target site that cannot be accessed through the proxy server
There are many proxy servers developed on the Internet, the client in the access is restricted, can access the target site through the unrestricted proxy server, generally speaking, we use over the wall browser is the use of proxy server, although can not go abroad, but also can directly access the outside network.
Reverse proxy VS forward proxy
1. What is positive agency? What is a reverse proxy?
The forward proxy, placed between the client and the target host, is only used for connection requests from the proxy's internal network to Internet. The client must specify the proxy server and send the http request to the proxy server that would otherwise be sent directly to the Web server.
The reverse proxy server is set up on the server side, which alleviates the workload of the server by buffering frequently requested pages, and forwards client requests to the target server on the internal network. The results obtained from the server will be returned to the client requesting connection on Internet. At this time, the proxy server and the target host 1 will be represented as one server.
2. What are the main applications of reverse proxy?
Many large web sites now use reverse proxies. In addition to preventing malicious attacks from the external network on the internal network server, caching to reduce the pressure on the server and access security control, load balancing can also be carried out to allocate user requests to multiple servers.
As a front-end development, it is very time-consuming and time-consuming to debug the interface and send the code to the test server every time.
In order to improve efficiency, nginx reverse agent was thought of to solve this problem.
Interface address:
test.com
Visit address:
localhost
The core problem is that you can't write cookie when you log in, and it took a lot of detours to fix that.
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 10;
server {
listen 80;
server_name localhost;
location =/ {
add_header X-Frame-Options SAMEORIGIN;
root D:/workspace/;
index index.html;
}
location ~* \.(html|htm|gif|jpg|jpeg|bmp|png|ico|txt|js|css|swf|woff|woff2|ttf|json|svg|cur|vue|otf|eot)$ {
charset utf-8;
root D:/workspace/;
expires 3d;
}
location = /socket/v2 {
proxy_pass http://test.com;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host test.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
}
location / {
proxy_pass http://test.com;
proxy_set_header Cookie $http_cookie;
proxy_cookie_domain test.com localhost;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host test.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
}
}
}
The core code is on three lines:
proxy_set_header Cookie $http_cookie;
proxy_cookie_domain test.com localhost;
proxy_set_header Host test.com;I also know half of the solution:
The first one is to carry cookie, The second one sets cookie's domain The third set the real host
Important: do not reverse the order of the above three, otherwise the agent will fail and I don't know why.
How to debug on the phone?
It is not possible to access localhost directly from the mobile phone. You can connect the mobile phone and the computer to the same network segment and access ip from the computer.
However, only localhost is represented here, not ip of the computer
So, you need to put the server{above... } 1 copy, just need to change all the localhost to your computer ip, the final code:
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 10;
server {
listen 80;
server_name localhost;
location =/ {
add_header X-Frame-Options SAMEORIGIN;
root D:/workspace/;
index index.html;
}
location ~* \.(html|htm|gif|jpg|jpeg|bmp|png|ico|txt|js|css|swf|woff|woff2|ttf|json|svg|cur|vue|otf|eot)$ {
charset utf-8;
root D:/workspace/;
expires 3d;
}
location = /socket/v2 {
proxy_pass http://test.com;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host test.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
}
location / {
proxy_pass http://test.com;
proxy_set_header Cookie $http_cookie;
proxy_cookie_domain test.com localhost;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host test.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
}
}
server {
listen 8080;
server_name xx.xx.xx.xx;
location =/ {
add_header X-Frame-Options SAMEORIGIN;
root D:/workspace/;
index index.html;
}
location ~* \.(html|htm|gif|jpg|jpeg|bmp|png|ico|txt|js|css|swf|woff|woff2|ttf|json|svg|cur|vue|otf|eot)$ {
charset utf-8;
root D:/workspace/;
expires 3d;
}
location = /socket/v2 {
proxy_pass http://test.com;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host test.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
}
location / {
proxy_pass http://test.com;
proxy_set_header Cookie $http_cookie;
proxy_cookie_domain test.com xx.xx.xx.xx;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host test.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
}
}
}Access methods: http: / / xx xx. xx. xx: 8080
If the packaging tool generates this configuration, you can use nodejs to dynamically retrieve the ip of your computer
function getIPAdress() {
var interfaces = require('os').networkInterfaces();
for (var devName in interfaces) {
var iface = interfaces[devName];
for (var i = 0; i < iface.length; i++) {
var alias = iface[i];
if (alias.family === 'IPv4' && alias.address !== '127.0.0.1' && !alias.internal) {
return alias.address;
}
}
}
}
So, a tool for dynamically generating nginx.config is posted here
function buildNginxConfig(config) {
function getIPAdress() {
var interfaces = require('os').networkInterfaces();
for (var devName in interfaces) {
var iface = interfaces[devName];
for (var i = 0; i < iface.length; i++) {
var alias = iface[i];
if (alias.family === 'IPv4' && alias.address !== '127.0.0.1' && !alias.internal) {
return alias.address;
}
}
}
}
var cwd = process.cwd().replace(/\\/g, '/') + '/app';
var protocol = /https|443/.test(config.ip) ? 'https' : 'http';
var servers = [{
browserIp: 'localhost',
port: 80,
root: cwd,
serverIp: config.ip,
protocol: protocol,
}, {
browserIp: getIPAdress(),
port: 8080,
root: cwd,
serverIp: config.ip,
protocol: protocol,
}].map(function(item) {
return `
server {
listen ${item.port};
server_name ${item.browserIp};
location =/ {
add_header X-Frame-Options SAMEORIGIN;
root ${item.root};
index index.html;
}
location ~* \\.(html|htm|gif|jpg|jpeg|bmp|png|ico|txt|js|css|swf|woff|woff2|ttf|json|svg|cur|vue|otf|eot)$ {
charset utf-8;
root ${item.root};
expires 3d;
}
location = /socket/v2 {
proxy_pass ${item.protocol}://${item.serverIp};
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host ${item.serverIp};
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 60;
proxy_buffer_size 256k;
proxy_buffers 4 256k;
}
location / {
proxy_pass ${item.protocol}://${item.serverIp};
proxy_set_header Cookie $http_cookie;
proxy_cookie_domain ${item.serverIp} ${item.browserIp};
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host ${item.serverIp};
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
}
}`;
}).join('\n');
var str = `worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 10;
${servers}
}`;
return str;
}
exports = module.exports = buildNginxConfig;
With this universal reverse proxy, you can play with any web interface you want