Nginx
通過 Haproxy 轉發真實 IP => Nginx => Unicorn
如何將真實訪客的 IP 地址轉發給 Unicorn?目前設置是:
Haproxy => Nginx => Unicorn
- 如何將真實 IP 地址從 Haproxy 轉發到 Nginx 再到 Unicorn?目前它總是只有 127.0.0.1
- 我讀到 X 標頭將被棄用。https://www.rfc-editor.org/rfc/rfc6648 - 這將如何影響我們?
代理配置:
# haproxy config defaults log global mode http option httplog option dontlognull option httpclose retries 3 option redispatch maxconn 2000 contimeout 5000 clitimeout 50000 srvtimeout 50000 # Rails Backend backend deployer-production reqrep ^([^\ ]*)\ /api/(.*) \1\ /\2 balance roundrobin server deployer-production localhost:9000 check
Nginx 配置:
upstream unicorn-production { server unix:/tmp/unicorn.ordify-backend-production.sock fail_timeout=0; } server { listen 9000 default; server_name manager.ordify.localhost; root /home/deployer/apps/ordify-backend-production/current/public; access_log /var/log/nginx/ordify-backend-production_access.log; rewrite_log on; try_files $uri/index.html $uri @unicorn; location @unicorn { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_redirect off; proxy_pass http://unicorn-production; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; } error_page 500 502 503 504 /500.html; client_max_body_size 4G; keepalive_timeout 10; }
您應該添加
option forwardfor
到 Haproxy 配置並配置 nginx realip 模組: http ://nginx.org/en/docs/http/ngx_http_realip_module.html