Nginx 反向代理 frps 共存
前期准备
- Nginx 使用
80/443端口. - frps.ini 的
HTTP/HTTPS使用其他端口,例如1234/5678. - 内网设备配置
frpc.ini时,仅需穿透HTTP端口. - 服务器端提前准备好证书文件.
LNMP 环境 Nginx 与 frps 共存
配置示例
!> 以下两种示例效果一致,重点注意以下几点:
proxy_pass http://127.0.0.1:1234;中的HTTP,请勿写成HTTPS.proxy_pass http://127.0.0.1:1234;中1234端口为frps的HTTP端口.proxy_set_header Host $host:80;注意需加上80端口,否则会无限循环 301 跳转,导致网页打不开提示重定向次数过多ERR_TOO_MANY_REDIRECTS.
示例一
nginx
server {
listen 80;
server_name *.yourdomain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name *.yourdomain.com;
ssl_certificate /usr/local/nginx/conf/ssl/yourdomain.com.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/yourdomain.com.key;
client_max_body_size 50m;
client_body_buffer_size 256k;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_ignore_client_abort on;
location / {
proxy_pass http://127.0.0.1:1234;
proxy_redirect off;
proxy_set_header Host $host:80;
proxy_ssl_server_name on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}示例二
nginx
server {
listen 80;
listen 443 ssl http2;
server_name *.yourdomain.com;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
ssl_certificate /usr/local/nginx/conf/ssl/yourdomain.com.crt;
ssl_certificate_key /usr/local/nginx/conf/ssl/yourdomain.com.key;
client_max_body_size 50m;
client_body_buffer_size 256k;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_ignore_client_abort on;
location / {
proxy_pass http://127.0.0.1:1234;
proxy_redirect off;
proxy_set_header Host $host:80;
proxy_ssl_server_name on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}宝塔面板环境 Nginx 与 frps 共存
配置示例
!> 参考以下示例在/www/server/panel/vhost/nginx创建frps.conf配置文件.并提前配置好证书文件和证书路径.
shell
server {
listen 80;
server_name *.yourdomain.com;
# return 301 https://$host$request_uri;
location / {
proxy_pass http://127.0.0.1:1234;
proxy_redirect http://$host/ http://$http_host/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
server {
listen 443 ssl http2;
server_name *.yourdomain.com;
ssl_certificate /www/server/panel/vhost/cert/yourdomain.crt;
ssl_certificate_key /www/server/panel/vhost/cert/yourdomain.key;
client_max_body_size 50m;
client_body_buffer_size 256k;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
proxy_connect_timeout 300s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
proxy_buffer_size 64k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_ignore_client_abort on;
location / {
proxy_pass http://127.0.0.1:1234;
proxy_redirect https://$host/ https://$http_host/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ssl_server_name on;
proxy_set_header Host $host;
}
}