Nginx 搭建代理服务器

Linux   2024-09-10 12:18   341   0  

下载ngx_http_proxy_connect_module模块

[root@tky ~]# wget https://github.com/chobits/ngx_http_proxy_connect_module/archive/refs/tags/v0.0.7.tar.gz
[root@tky ~]# tar xf v0.0.7.tar.gz

安装Openresty

[root@tky package]# wget https://openresty.org/download/openresty-1.25.3.2.tar.gz
[root@tky package]# tar xf openresty-1.25.3.2.tar.gz
[root@tky package]# cd openresty-1.25.3.2
[root@tky openresty-1.25.3.2]# ./configure --prefix=/usr/local/openresty --with-cc-opt=-O2 --with-pcre --with-http_realip_module --with-http_sub_module --with-http_stub_status_module --with-stream --with-stream_ssl_module --with-http_v2_module --with-stream --with-stream_ssl_preread_module --with-http_ssl_module --add-module=/root/ngx_http_proxy_connect_module-0.0.7/
[root@tky openresty-1.25.3.2]# yum -y install patch
[root@tky openresty-1.25.3.2]# patch -d build/nginx-1.25.3/ -p 1 < /root/ngx_http_proxy_connect_module-0.0.7/patch/proxy_connect_rewrite_102101.patch
[root@tky openresty-1.25.3.2]# gmake -j2 && gmake install

conf配置

[root@tky ~]# cat /usr/local/openresty/nginx/conf/www/proxy.conf
server {
   listen 8443;
   resolver 8.8.8.8;
   proxy_connect;
   proxy_connect_allow            all;
   proxy_connect_connect_timeout  60s;
   proxy_connect_read_timeout     60s;
   proxy_connect_send_timeout     60s;
   access_log logs/proxy_access.log main;
   error_log logs/proxy_error.log;
   auth_basic "Proxy Authentication.";
   auth_basic_user_file /usr/local/openresty/nginx/conf/passwd/proxy.pass;
   rewrite_by_lua_file /usr/local/openresty/nginx/conf/lua/proxy_auth.lua;
   location / {
       proxy_set_header Host $host;
       proxy_pass $scheme://$host$request_uri;
       proxy_hide_header Authorization;
       proxy_hide_header Proxy-Authorization;
   }
}

lua配置

[root@tky ~]# cat /usr/local/openresty/nginx/conf/lua/proxy_auth.lua
-- check Proxy-Authorization for https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/407
if not ngx.var.http_proxy_authorization then
   ngx.header["Proxy-Authenticate"] = "Basic realm=\"Access To Internal Site.\""
   ngx.exit(407)
end

-- transfer Proxy-Authorization header to Authorization for auth basic module
ngx.req.set_header("Authorization", ngx.var.http_proxy_authorization)



博客评论
还没有人评论,赶紧抢个沙发~
发表评论
说明:请文明发言,共建和谐网络,您的个人信息不会被公开显示。