- 1. 背景
- 2. Nginx安装(包括nginx_upstream_check_module)
- 3. Nginx配置
- 4. 总结
1. 背景
新版本nginx有TCP反向代理功能,nginx的mail proxy配置认证又太麻烦,于是就想用TCP反向功能作mail代理。
2. Nginx安装(包括nginx_upstream_check_module)
- cd /tmp
- tar zxf pcre-8.35.tar.gz
- cd pcre-8.35/
- ./configure --prefix=/usr/local/pcre
- make
- make install
- cd /tmp
- tar zxf openssl-1.0.2g.tar.gz
- cd openssl-1.0.2g/
- ./config enable-tl***t
- make
- make install
- mv -f /usr/bin/openssl /usr/bin/openssl.old
- mv -f /usr/include/openssl /usr/include/openssl.old
- ln -sf /usr/local/ssl/bin/openssl /usr/bin/openssl
- ln -sf /usr/local/ssl/include/openssl /usr/include/openssl
- cd /tmp
- git clone git@github.com:yaoweibin/nginx_upstream_check_module.git
- cd /tmp
- tar zxf nginx-1.13.4.tar.gz
- cd nginx-1.13.4/
- patch -p1 < ../nginx_upstream_check_module/check_1.12.1+.patch
- ./configure --user=www --group=www --prefix=/usr/local/nginx --with-http_stub_status_module --with-stream=dynamic --with-stream_ssl_module --with-pcre=../pcre-8.35 --with-http_ssl_module --with-openssl=../openssl-1.0.2g --add-module=../nginx_upstream_check_module
- make
- make install
3. Nginx配置
- cat nginx.conf
- user www;
- worker_processes 8;
- error_log logs/info.log info;
- #pid logs/nginx.pid;
- load_module modules/ngx_stream_module.so; # 此处要添加模块
- events {
- worker_connections 1024;
- }
- http {
- include mime.types;
- default_type application/octet-stream;
- #log_format main '$remote_addr - $remote_user [$time_local] "$request" '
- # '$status $body_bytes_sent "$http_referer" '
- # '"$http_user_agent" "$http_x_forwarded_for"';
- #access_log logs/access.log main;
- sendfile on;
- #tcp_nopush on;
- #keepalive_timeout 0;
- keepalive_timeout 65;
- #gzip on;
- #设定请求缓冲
- server_names_hash_bucket_size 128;
- client_header_buffer_size 32k;
- large_client_header_buffers 4 32k;
- client_max_body_size 300m;
- #sendfile on;
- tcp_nopush on;
- #keepalive_timeout 60;
- tcp_nodelay on;
- server_tokens off;
- client_body_buffer_size 512k;
- proxy_connect_timeout 20;
- proxy_send_timeout 60;
- proxy_read_timeout 20;
- proxy_buffer_size 16k;
- proxy_buffers 4 64k;
- proxy_busy_buffers_size 128k;
- proxy_temp_file_write_size 128k;
- client_header_timeout 3m;
- client_body_timeout 3m;
- send_timeout 3m;
- gzip on;#开启gzip,节省带宽
- gzip_min_length 1100;
- gzip_buffers 4 8k;
- gzip_types text/plain text/css application/x-javascript image/bmp application/javascript;
- output_buffers 1 32k;
- postpone_output 1460;
- limit_rate_after 3m;#限速模块,前3M下载时不限速
- limit_rate 512k; #限速模块
- include vhost/*.conf;
- }
- stream {
- include stream/*.conf;
- }
- cat stream/mail_pro.conf
- ######### TCP 反向代理负载均衡设置 ###############
- upstream mailsmtp_pro {
- server smtp.mxhichina.com:25;
- }
- server {
- listen 25; # 对外提供服务TCP监听
- proxy_connect_timeout 5s;
- proxy_timeout 5s;
- proxy_pass mailsmtp_pro;
- }
4. 总结
Nginx功能强大,此文也是给想使用TCP反向代理的朋友作个示例参考吧。