Nginx のリバースproxy 設定に関して纏めておきます。
例1
server {
listen 443 ssl;
server_name test.com www.test.com;
client_max_body_size 12m;
proxy_set_header Host $http_host;
ssl_certificate /etc/certs/test.com/current/test.com.pem;
ssl_certificate_key /etc/certs/test.com/current/test.com.key;
location / {
proxy_pass http://localhost:8008;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-HTTPS on;
proxy_set_header X-Forwarded-SSL on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}Nginx の443で受けてlocalの 8008 に渡す感じですね。
Nginx で ssl終端させる感じですね。
例2
server {
listen 443 ssl;
server_name www.test.com;
client_max_body_size 12m;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-HTTPS on;
proxy_set_header X-Forwarded-SSL on;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffer_size 32k;
proxy_buffers 50 32k;
proxy_busy_buffers_size 32k;
ssl_certificate /etc/certs/test.com/current/www.test.com.pem;
ssl_certificate_key /etc/certs/test.com/current/www.test.com.key;
location / {
proxy_pass https://192.168.33.10:443;
}
include /etc/nginx/proxy_virtual/www.test.com/*.conf;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
location ~ (\/api)(\/.*)?{
proxy_pass https://localhost:8008;
}/api でのアクセスであれば local の 8008 に proxy する設定ですね。
それ以外は https://192.168.33.10:443 に proxy させます。
※ L7 での proxy ですね。