woodongwong / notes


My home web service topology diagram #68

Open woodongwong opened 2 years ago

woodongwong commented 2 years ago
+----------------------+
|                      |
| AAAA 2001::68f4:2eb9 |
| A    1.1.1.1         |
|                      |
+----------------------+
   www.example.com DNS

                       AWS                                                   HOME
+-----------------------------------------------+          +--------------------------------------+
|                                               |          |                                      |
| +-------------------------------------------+ |          |                                      |
| |                                           | |          |                                      |
| | server {                                  | |          |                                      |
| |     listen 80;                            | |          |                                      |
| |     server_name www.example.com;          | |          | +----------------------------------+ |
| |     location / {                          | |          | |                                  | |
| |         proxy_pass http://127.0.0.1:8080; | |          | | server {                         | |
| |     }                            +        | |          | |     listen 80;                   | |
| | }                                |        | |          | |     listen [::]:80;              | |
| |                                  |        | |          | |     server_name www.example.com; | |
| +-------------------------------------------+ |          | |     root /usr/share/nginx/html;  | |
|                     nginx          |          |          | | }                                | |
|                                    |          |          | |                                  | |
|                                    v          |          | +------+---------------------------+ |
| +----------------------------------+--------+ |          |        ^        nginx                |
| |                                           | |          |        |                             |
| | socat TCP4-LISTEN:8080,bind=127.0.0.1,\   | |          |        |                             |
| | fork TCP6:www.example.com:80              +---------------------+                             |
| |                                           | |          |                                      |
| +-------------------------------------------+ |          |                                      |
|                     socat                     |          |                                      |
|                                               |          |                                      |
+-----------------------------------------------+          +--------------------------------------+
            ipv4: 1.1.1.1                                           ipv4: none
            ipv6: 2606:4700:4700::1111                              ipv6: 2001::68f4:2eb9

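My home broadband has no public IPv4 address, so I use AWS as a proxy (IPv4 to IPv6). At first I used nginx stream, but found that nginx does not prefer IPv6: if there are multiple DNS records, nginx round-robins across them. For HTTPS, nginx needs proxy_ssl_server_name enabled and proxy_ssl_name set, for example: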

server {
    listen 443 ssl http2;
    server_name www.example.com;

    # SSL configuration
    ssl_certificate ;
    ssl_certificate_key;
    # Other configuration...

    location / {
        proxy_pass https://127.0.0.1:8080;
        proxy_ssl_server_name on;
        proxy_ssl_name www.example.com;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        # Other configuration...
    }
}
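
The HTTPS proxy block above with upstream certificate verification turned on, as an added example that is not the author's configuration. It assumes the home nginx serves TLS on port 443 with a certificate valid for www.example.com and that socat forwards to that port; all file paths are placeholders.

```nginx
# Added example (not the author's config). Runs on the AWS host.
# Assumption: socat forwards the loopback listener to the home server's TLS port:
#   socat TCP4-LISTEN:8080,bind=127.0.0.1,fork TCP6:www.example.com:443
server {
    listen 443 ssl http2;
    server_name www.example.com;

    # Placeholder paths: substitute the certificate and key used on the AWS host.
    ssl_certificate     /etc/nginx/tls/PLACEHOLDER-fullchain.pem;
    ssl_certificate_key /etc/nginx/tls/PLACEHOLDER-privkey.pem;

    location / {
        # nginx only sees the loopback socat listener; the real peer is the
        # home server reached over public IPv6.
        proxy_pass https://127.0.0.1:8080;

        # proxy_ssl_name defaults to the host part of proxy_pass (127.0.0.1 here),
        # so it must be set explicitly. It is the name sent in SNI and the name
        # the upstream certificate is checked against.
        proxy_ssl_server_name on;
        proxy_ssl_name www.example.com;

        # proxy_ssl_verify is off by default, which means any certificate is
        # accepted on the AWS -> home hop. Turn it on and point nginx at a CA
        # bundle that can validate the home server's certificate chain.
        proxy_ssl_verify on;
        proxy_ssl_verify_depth 2;
        # Placeholder: system CA bundle path differs per distribution.
        proxy_ssl_trusted_certificate /etc/ssl/certs/PLACEHOLDER-ca-bundle.crt;

        # Restrict the upstream handshake to current TLS versions.
        proxy_ssl_protocols TLSv1.2 TLSv1.3;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
```

With verification on, a certificate on the home server that has expired or does not match www.example.com makes nginx return 502 and log an upstream SSL verification error instead of proxying silently.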