给frp出去的ecs(ruyu-blog)配置子域名(反向代理)呢?
范例:
http://kuailemao.xyz/ #主域名
http://blog.kuailemao.xyz/ #二级域名
主域名:
seasir.top
子域名:
博客 blog.seasir.top
博客后台 admin.seasir.top
自己ruyu-blog部署环境
ecs ip
111.229.208.160
[ruyu-blog-qt]
# 代理的类型,这里是TCP代理
type = tcp
# 本地应用的IP地址,FRP客户端会从这里转发流量
local_ip = 127.0.0.1
# 本地应用的端口,FRP客户端会将请求转发到这个端口
local_port = 80
# 远程服务器上对应的端口,外部访问此端口时流量会被转发到本地的local_ip:local_port
remote_port = 8082
[ruyu-blog-ht]
# 代理的类型,这里是TCP代理
type = tcp
# 本地应用的IP地址,FRP客户端会从这里转发流量
local_ip = 127.0.0.1
# 本地应用的端口,FRP客户端会将请求转发到这个端口
local_port = 81
# 远程服务器上对 应的端口,外部访问此端口时流量会被转发到本地的local_ip:local_port
remote_port = 8083
域名解析
主机记录:blog/admin
记录类型:A
解析请求来源:默认
记录值:111.229.208.160
TTL:10分钟
ecs nginx完整配置(暂未配置https)
# 全局配置
user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# 加载动态模块
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
gzip on; # 启用 gzip 压缩
gzip_vary on;
gzip_proxied any;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
gzip_comp_level 5;
gzip_min_length 256;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
charset utf-8;
# 一级域名 HTTP 配置 (HTTP 重定向到 HTTPS)
server {
listen 80;
server_name seasir.top www.seasir.top;
# 配置 HTTPS 重定向
# return 301 https://$host$request_uri;
}
# 一级域名 HTTPS 配置
server {
# listen 443 ssl http2;
# server_name seasir.top www.seasir.top;
# ssl_certificate /path/to/ssl_certificate.crt;
# ssl_certificate_key /path/to/ssl_certificate_key.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
# ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
# ssl_prefer_server_ciphers on;
location / {
# 这里可以配置为静态文件服务、反向代理或其他服务
root /var/www/html; # 替换为你的网站根目录
index index.html index.htm;
}
# 错误页面配置
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# 二级域名 bolg.seasir.top 的反向代理配置
server {
listen 80;
server_name bolg.seasir.top;
location / {
proxy_pass http://111.229.208.160:8082/; # 实际的后端服务地址
client_max_body_size 100M;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
# 二级域名 admin.seasir.top 的反向代理配置
server {
listen 80;
server_name admin.seasir.top;
location / {
proxy_pass http://111.229.208.160:8083/; # 实际的后台服务地址
client_max_body_size 100M;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
}
- esc 验证 Nginx 配置:
sudo nginx -t
- 如果没有问题,重启 Nginx:
sudo systemctl restart nginx
成功验证
访问:博客前台
访问:博客后台