nginx反代MCSManager面板

教程 2022-09-18

nginx反代MCSManager面板

（0）

准备工作

ssh能够连接服务器
服务器已正确安装nginx
准备好ssl证书
懂得亿点点基础知识/技能

nginx配置文件

假设
我的域名是mcsm.tidex.ink
从机地址是http://baidu.com:24444/
ssl证书在/usr/local/nginx/cert/mcsm.tidex.ink

注意:这个配置不监听ipv6

web反代

    server {
        listen 8081 ssl;
        server_name  mcsm.tidex.ink;
        
        ssl_certificate  /usr/local/nginx/cert/mcsm.tidex.ink/mcsm.tidex.ink_bundle.pem;
        ssl_certificate_key  /usr/local/nginx/cert/mcsm.tidex.ink/mcsm.tidex.ink.key;
        
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
        
        location / {
            proxy_pass http://localhost:23333/;
            root   html;
            index  index.html index.htm;
            
            proxy_set_header Host localhost;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header REMOTE-HOST $remote_addr;
            
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            add_header X-Cache $upstream_cache_status;
            add_header Cache-Control no-cache;
            expires 12h;
        }
    }

主机daemon反代

    server {
        listen 8082 ssl;
        server_name  mcsm.tidex.ink;
        
        ssl_certificate  /usr/local/nginx/cert/mcsm.tidex.ink/mcsm.tidex.ink_bundle.pem;
        ssl_certificate_key  /usr/local/nginx/cert/mcsm.tidex.ink/mcsm.tidex.ink.key;
        
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;      
        
        location / {
            proxy_pass http://localhost:24444/;
            root   html;
            index  index.html index.htm;
            
            proxy_set_header Host localhost;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header REMOTE-HOST $remote_addr;
            
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            add_header X-Cache $upstream_cache_status;
            add_header Cache-Control no-cache;
            expires 12h;
        }
    }

从机daemon反代(可选)

    server {
        listen 8083 ssl;
        server_name  mcsm.tidex.ink;
        
        ssl_certificate  /usr/local/nginx/cert/mcsm.tidex.ink/mcsm.tidex.ink_bundle.pem;
        ssl_certificate_key  /usr/local/nginx/cert/mcsm.tidex.ink/mcsm.tidex.ink.key;
        
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;      
        
        location / {
            proxy_pass **http://baidu.com:24444/**;
            root   html;
            index  index.html index.htm;
            
            proxy_set_header Host localhost;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header REMOTE-HOST $remote_addr;
            
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            add_header X-Cache $upstream_cache_status;
            add_header Cache-Control no-cache;
            expires 12h;
        }
    }

历史更新

20220924 优化结构,内容无大改动

本文为作者tidex发布，未经允许禁止转载！

暂无评论 >_<

加入评论