Appearance
基于IP的虚拟主机
基于IP的虚拟主机通过不同的IP地址访问不同的网站,适用于服务器有多个IP地址的场景。
基本配置
配置示例
nginx
# IP 192.168.1.100
server {
listen 192.168.1.100:80;
server_name example.com;
root /var/www/site1;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}
# IP 192.168.1.101
server {
listen 192.168.1.101:80;
server_name test.com;
root /var/www/site2;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}绑定多个IP地址
查看服务器IP地址
bash
# Linux
ip addr show
# 或
ifconfig
# Windows
ipconfig添加IP地址
Linux临时添加
bash
# 添加临时IP地址
ip addr add 192.168.1.101/24 dev eth0
# 查看IP地址
ip addr showLinux永久添加
bash
# 编辑网络配置文件
sudo vim /etc/netplan/01-netcfg.yaml
# 添加IP地址
network:
version: 2
ethernets:
eth0:
addresses:
- 192.168.1.100/24
- 192.168.1.101/24
# 应用配置
sudo netplan applyCentOS/RHEL
bash
# 编辑网络配置文件
sudo vim /etc/sysconfig/network-scripts/ifcfg-eth0
# 添加IP地址
IPADDR0=192.168.1.100
PREFIX0=24
IPADDR1=192.168.1.101
PREFIX1=24
# 重启网络服务
sudo systemctl restart network完整配置示例
多IP配置
nginx
# IP 192.168.1.100
server {
listen 192.168.1.100:80;
server_name example.com www.example.com;
root /var/www/example.com;
index index.html index.htm;
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
# IP 192.168.1.101
server {
listen 192.168.1.101:80;
server_name test.com www.test.com;
root /var/www/test.com;
index index.html index.htm;
access_log /var/log/nginx/test.com.access.log;
error_log /var/log/nginx/test.com.error.log;
location / {
try_files $uri $uri/ =404;
}
}
# IP 192.168.1.102
server {
listen 192.168.1.102:80;
server_name demo.com www.demo.com;
root /var/www/demo.com;
index index.html index.htm;
access_log /var/log/nginx/demo.com.access.log;
error_log /var/log/nginx/demo.com.error.log;
location / {
try_files $uri $uri/ =404;
}
}IP与域名结合
IP+域名配置
nginx
# IP 192.168.1.100 - example.com
server {
listen 192.168.1.100:80;
server_name example.com www.example.com;
root /var/www/example.com;
index index.html index.htm;
}
# IP 192.168.1.100 - test.com
server {
listen 192.168.1.100:80;
server_name test.com www.test.com;
root /var/www/test.com;
index index.html index.htm;
}
# IP 192.168.1.101 - demo.com
server {
listen 192.168.1.101:80;
server_name demo.com www.demo.com;
root /var/www/demo.com;
index index.html index.htm;
}监听所有IP
监听所有IP的80端口
nginx
server {
listen 80;
server_name example.com;
root /var/www/example.com;
index index.html index.htm;
}监听特定IP的80端口
nginx
server {
listen 192.168.1.100:80;
server_name example.com;
root /var/www/example.com;
index index.html index.htm;
}SSL配置
HTTPS配置
nginx
# HTTP
server {
listen 192.168.1.100:80;
server_name example.com;
root /var/www/example.com;
index index.html index.htm;
}
# HTTPS
server {
listen 192.168.1.100:443 ssl;
server_name example.com;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
root /var/www/example.com;
index index.html index.htm;
}多IP多SSL
nginx
# IP 192.168.1.100 - HTTPS
server {
listen 192.168.1.100:443 ssl;
server_name example.com;
ssl_certificate /etc/nginx/ssl/example.com.crt;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
root /var/www/example.com;
index index.html index.htm;
}
# IP 192.168.1.101 - HTTPS
server {
listen 192.168.1.101:443 ssl;
server_name test.com;
ssl_certificate /etc/nginx/ssl/test.com.crt;
ssl_certificate_key /etc/nginx/ssl/test.com.key;
root /var/www/test.com;
index index.html index.htm;
}防火墙配置
配置防火墙规则
Ubuntu (UFW)
bash
# 允许IP 192.168.1.100访问80端口
sudo ufw allow from 192.168.1.100 to any port 80
# 允许IP 192.168.1.101访问80端口
sudo ufw allow from 192.168.1.101 to any port 80
# 开放80端口给所有IP
sudo ufw allow 80/tcpCentOS (firewalld)
bash
# 开放80端口
sudo firewall-cmd --permanent --add-port=80/tcp
# 重载防火墙
sudo firewall-cmd --reload常见应用场景
多网卡服务器
nginx
# 网卡1 - 内网IP
server {
listen 192.168.1.100:80;
server_name internal.example.com;
root /var/www/internal;
index index.html index.htm;
# 仅允许内网访问
allow 192.168.1.0/24;
deny all;
}
# 网卡2 - 外网IP
server {
listen 203.0.113.100:80;
server_name external.example.com;
root /var/www/external;
index index.html index.htm;
}负载均衡
nginx
# 前端服务器
server {
listen 192.168.1.100:80;
server_name frontend.example.com;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
# 后端服务器1
server {
listen 192.168.1.101:80;
server_name backend1.example.com;
root /var/www/backend1;
index index.html index.htm;
}
# 后端服务器2
server {
listen 192.168.1.102:80;
server_name backend2.example.com;
root /var/www/backend2;
index index.html index.htm;
}配置文件组织
独立配置文件
/etc/nginx/
├── nginx.conf
└── conf.d/
├── ip-100.conf
├── ip-101.conf
└── ip-102.confip-100.conf
nginx
server {
listen 192.168.1.100:80;
server_name example.com;
root /var/www/example.com;
index index.html index.htm;
}ip-101.conf
nginx
server {
listen 192.168.1.101:80;
server_name test.com;
root /var/www/test.com;
index index.html index.htm;
}ip-102.conf
nginx
server {
listen 192.168.1.102:80;
server_name demo.com;
root /var/www/demo.com;
index index.html index.htm;
}测试配置
测试配置文件
bash
nginx -t重载配置
bash
nginx -s reload测试IP访问
bash
# 测试IP 192.168.1.100
curl http://192.168.1.100
# 测试IP 192.168.1.101
curl http://192.168.1.101
# 测试IP 192.168.1.102
curl http://192.168.1.102测试域名访问
bash
# 测试域名
curl -H "Host: example.com" http://192.168.1.100
curl -H "Host: test.com" http://192.168.1.101常见问题
IP无法访问
检查项:
- IP地址是否正确绑定
- 防火墙是否开放端口
- Nginx配置是否正确
- 网络连接是否正常
IP地址冲突
查看IP地址冲突:
bash
arping -D -I eth0 192.168.1.101解决方法:
- 更改IP地址
- 找到冲突设备并解决
总结
基于IP的虚拟主机配置要点:
- 绑定IP地址:确保服务器有多个IP地址
- listen指令:指定监听的IP地址和端口
- 防火墙配置:开放相应端口
- 访问方式:通过IP地址或域名访问
- 应用场景:适合多网卡服务器、负载均衡等
基于IP的虚拟主机配置相对复杂,适用于有特殊需求的场景。