基本反向代理配置

本节介绍Nginx基本反向代理的配置方法。

最简单的反向代理

配置示例

nginx

server {
    listen 80;
    server_name proxy.example.com;

    location / {
        proxy_pass http://192.168.1.10:8080;
    }
}

说明

proxy_pass：指定后端服务器地址
所有请求都会转发到后端服务器

完整配置示例

基本配置

nginx

server {
    listen 80;
    server_name proxy.example.com;

    access_log /var/log/nginx/proxy.access.log;
    error_log /var/log/nginx/proxy.error.log;

    location / {
        # 后端服务器
        proxy_pass http://192.168.1.10:8080;

        # 请求头设置
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # 超时设置
        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;

        # 缓冲设置
        proxy_buffering on;
        proxy_buffer_size 4k;
        proxy_buffers 8 4k;
        proxy_busy_buffers_size 8k;
    }
}

代理不同路径

路径映射

nginx

server {
    listen 80;
    server_name proxy.example.com;

    # 代理根路径
    location / {
        proxy_pass http://192.168.1.10:8080;
    }

    # 代理API
    location /api/ {
        proxy_pass http://192.168.1.11:8080;
    }

    # 代理静态资源
    location /static/ {
        proxy_pass http://192.168.1.12:8080;
    }
}

URL重写

nginx

server {
    listen 80;
    server_name proxy.example.com;

    # /api/ → http://backend:8080/api/
    location /api/ {
        proxy_pass http://192.168.1.10:8080;
    }

    # /api/ → http://backend:8080/
    location /api/ {
        proxy_pass http://192.168.1.10:8080/;
    }
}

代理HTTPS后端

HTTP代理HTTPS

nginx

server {
    listen 80;
    server_name proxy.example.com;

    location / {
        proxy_pass https://192.168.1.10:443;
        proxy_ssl_verify off;
    }
}

HTTPS代理HTTPS

nginx

server {
    listen 443 ssl;
    server_name proxy.example.com;

    ssl_certificate /etc/nginx/ssl/proxy.crt;
    ssl_certificate_key /etc/nginx/ssl/proxy.key;

    location / {
        proxy_pass https://192.168.1.10:443;
        proxy_ssl_verify off;
    }
}

代理WebSocket

WebSocket代理配置

nginx

server {
    listen 80;
    server_name proxy.example.com;

    location /ws/ {
        proxy_pass http://192.168.1.10:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # 超时设置
        proxy_connect_timeout 7d;
        proxy_send_timeout 7d;
        proxy_read_timeout 7d;
    }
}

代理FastCGI

PHP代理

nginx

server {
    listen 80;
    server_name proxy.example.com;

    root /var/www/html;
    index index.php index.html;

    location ~ \.php$ {
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }
}

代理uWSGI

Python代理

nginx

server {
    listen 80;
    server_name proxy.example.com;

    location / {
        include uwsgi_params;
        uwsgi_pass 127.0.0.1:8000;
    }
}

代理SCGI

SCGI代理

nginx

server {
    listen 80;
    server_name proxy.example.com;

    location / {
        include scgi_params;
        scgi_pass 127.0.0.1:4000;
    }
}

代理Memcached

Memcached代理

nginx

server {
    listen 80;
    server_name proxy.example.com;

    location /memcached/ {
        set $memcached_key $uri;
        memcached_pass 127.0.0.1:11211;
        error_page 404 = @fallback;
    }

    location @fallback {
        proxy_pass http://backend;
    }
}

代理GRPC

GRPC代理

nginx

server {
    listen 80 http2;
    server_name proxy.example.com;

    location / {
        grpc_pass grpc://192.168.1.10:50051;
    }
}

代理多个后端

使用upstream

nginx

upstream backend {
    server 192.168.1.10:8080;
    server 192.168.1.11:8080;
    server 192.168.1.12:8080;
}

server {
    listen 80;
    server_name proxy.example.com;

    location / {
        proxy_pass http://backend;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

缓存配置

启用代理缓存

nginx

proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m max_size=1g inactive=60m use_temp_path=off;

server {
    listen 80;
    server_name proxy.example.com;

    location / {
        proxy_cache my_cache;
        proxy_cache_valid 200 60m;
        proxy_cache_valid 404 1m;
        proxy_cache_key "$scheme$request_method$host$request_uri";
        proxy_pass http://192.168.1.10:8080;
        add_header X-Cache-Status $upstream_cache_status;
    }
}

错误处理

错误页面

nginx

server {
    listen 80;
    server_name proxy.example.com;

    location / {
        proxy_pass http://192.168.1.10:8080;
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_intercept_errors on;
    }

    error_page 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }
}

总结

基本反向代理配置要点：

proxy_pass：指定后端服务器
proxy_set_header：设置请求头
超时设置：连接、发送、读取超时
缓冲设置：优化传输性能
WebSocket：特殊配置支持
缓存：启用代理缓存
错误处理：自定义错误页面

掌握基本反向代理配置，可以满足大多数代理需求。

基本反向代理配置 ​

最简单的反向代理 ​

配置示例 ​

说明 ​

完整配置示例 ​

基本配置 ​

代理不同路径 ​

路径映射 ​

URL重写 ​

代理HTTPS后端 ​

HTTP代理HTTPS ​

HTTPS代理HTTPS ​

代理WebSocket ​

WebSocket代理配置 ​

代理FastCGI ​

PHP代理 ​

代理uWSGI ​

Python代理 ​

代理SCGI ​

SCGI代理 ​

代理Memcached ​

Memcached代理 ​

代理GRPC ​

GRPC代理 ​

代理多个后端 ​

使用upstream ​

缓存配置 ​

启用代理缓存 ​

错误处理 ​

错误页面 ​

总结 ​

基本反向代理配置

最简单的反向代理

配置示例

说明

完整配置示例

基本配置

代理不同路径

路径映射

URL重写

代理HTTPS后端

HTTP代理HTTPS

HTTPS代理HTTPS

代理WebSocket

WebSocket代理配置

代理FastCGI

PHP代理

代理uWSGI

Python代理

代理SCGI

SCGI代理

代理Memcached

Memcached代理

代理GRPC

GRPC代理

代理多个后端

使用upstream

缓存配置

启用代理缓存

错误处理

错误页面

总结