Posted in技术教程

Nginx 反向代理配置完全指南 – 从入门到精通

No Comments

什么是 Nginx 反向代理

反向代理是介于客户端和服务器之间的中间层。客户端请求先到达 Nginx,Nginx 再将请求转发到后端服务器。这实现了负载均衡、安全防护、缓存加速等功能。

安装 Nginx

# macOS
brew install nginx

# Ubuntu/Debian
sudo apt update && sudo apt install nginx

# 启动 Nginx
sudo nginx

# 测试配置
nginx -t

基础配置结构

http {
    # 全局配置
    sendfile on;
    keepalive_timeout 65;
    
    # 服务器配置
    server {
        listen 80;
        server_name example.com;
        
        location / {
            root /var/www/html;
            index index.html;
        }
    }
}

反向代理配置

最基础的反向代理

server {
    listen 80;
    server_name example.com;
    
    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

常用 proxy_set_header 指令

proxy_set_header Host $host;           # 传递原始 Host
proxy_set_header X-Real-IP $remote_addr;  # 传递真实 IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;  # 传递协议

HTTPS 配置

server {
    listen 443 ssl http2;
    server_name example.com;
    
    ssl_certificate /path/to/cert.pem;
    ssl_certificate_key /path/to/key.pem;
    
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
    
    location / {
        proxy_pass http://127.0.0.1:3000;
    }
}

# HTTP 重定向到 HTTPS
server {
    listen 80;
    server_name example.com;
    return 301 https://$server_name$request_uri;
}

负载均衡配置

upstream backend {
    least_conn;              # 最少连接算法
    # ip_hash;              # IP 哈希算法
    # fair;                 # 响应时间算法(需第三方模块)
    
    server 127.0.0.1:3000 weight=3;
    server 127.0.0.1:3001 weight=2;
    server 127.0.0.1:3002 weight=1;
    # server 127.0.0.1:3003 backup;  # 备用服务器
}

server {
    listen 80;
    server_name example.com;
    
    location / {
        proxy_pass http://backend;
        proxy_set_header Host $host;
    }
}

常用场景

1. Node.js 应用

server {
    listen 80;
    server_name node-app.com;
    
    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
    }
}

2. Python Flask/Django

server {
    listen 80;
    server_name python-app.com;
    
    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

3. WordPress

server {
    listen 80;
    server_name myblog.com;
    root /var/www/wordpress;
    
    location / {
        try_files $uri $uri/ /index.php?$args;
    }
    
    location ~ \.php$ {
        proxy_pass http://127.0.0.1:9000;
        include fastcgi_params;
    }
}

4. 静态资源 + API 代理

server {
    listen 80;
    server_name mysite.com;
    
    # 静态资源
    location /static/ {
        alias /var/www/static/;
        expires 30d;
    }
    
    # API 反向代理
    location /api/ {
        proxy_pass http://backend-api:8080/;
    }
}

常用命令

# 测试配置
nginx -t

# 重载配置(不中断服务)
nginx -s reload

# 停止服务
nginx -s stop

# 优雅停止
nginx -s quit

总结

Nginx 是每个开发者都应该掌握的工具。学会配置反向代理,你可以轻松实现多应用部署、HTTPS 支持、负载均衡等功能。建议从简单的配置开始,逐步深入。

☁️
阿里云 推荐

想要稳定快速的服务器?推荐使用阿里云 ECS,新用户首年仅需百余元。

💰 佣金比例:7-15%
立即查看 →

Comments

No comments yet. Why don’t you start the discussion?

发表回复

您的邮箱地址不会被公开。 必填项已用 * 标注