一、场景:
系统移动端需要映射到公网,但是后端地址不能映射出去
qbpm.xxxx.cn 系统解析内网IP
qmbpm.xxxx.cn 移动端解析公网IP
二、思路:
移动端前端公网端口放出80 443端口
移动端后端映射到内网后端地址qbpm.xxxx.cn:8443
三、解决方法:
vim nginx.conf
server {
listen 80;
listen 443 ssl;
server_name qbpm.xxxx.cn;
ssl_certificate /etc/nginx/cert/server.crt;
ssl_certificate_key /etc/nginx/cert/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /etc/nginx/flowhtml;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location ^~/prod-api/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://qbpm.xxxx.cn:8443/;
}
}
server {
listen 80;
listen 443 ssl;
server_name qmbpm.xxxx.cn;
ssl_certificate /etc/nginx/cert/server.crt;
ssl_certificate_key /etc/nginx/cert/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /etc/nginx/mflowhtml;
try_files $uri $uri/ /index.html;
index index.html index.htm;
}
location ^~/prod-api/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://qbpm.xxxx.cn:8443/;
}
}