Nginx

通過 Haproxy 轉發真實 IP => Nginx => Unicorn

  • October 26, 2017

如何將真實訪客的 IP 地址轉發給 Unicorn?目前設置是:

Haproxy => Nginx => Unicorn
  1. 如何將真實 IP 地址從 Haproxy 轉發到 Nginx 再到 Unicorn?目前它總是只有 127.0.0.1
  2. 我讀到 X 標頭將被棄用。https://www.rfc-editor.org/rfc/rfc6648 - 這將如何影響我們?

代理配置:

# haproxy config
defaults
   log global
   mode    http
   option  httplog
   option  dontlognull
   option httpclose
   retries 3
   option redispatch
   maxconn 2000
   contimeout  5000
   clitimeout  50000
   srvtimeout  50000

# Rails Backend
backend deployer-production
   reqrep    ^([^\ ]*)\ /api/(.*)  \1\ /\2
   balance     roundrobin
   server      deployer-production localhost:9000 check

Nginx 配置:

upstream unicorn-production {
 server unix:/tmp/unicorn.ordify-backend-production.sock fail_timeout=0;
}

server {
 listen 9000 default;
 server_name manager.ordify.localhost;
 root /home/deployer/apps/ordify-backend-production/current/public;
 access_log /var/log/nginx/ordify-backend-production_access.log;
 rewrite_log on;

 try_files $uri/index.html $uri @unicorn;

 location @unicorn {
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header Host $http_host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_redirect off;
   proxy_pass http://unicorn-production;

   proxy_connect_timeout 90;
   proxy_send_timeout 90;
   proxy_read_timeout 90;
 }

 error_page 500 502 503 504 /500.html;
 client_max_body_size 4G;
 keepalive_timeout 10;
}

您應該添加option forwardfor到 Haproxy 配置並配置 nginx realip 模組: http ://nginx.org/en/docs/http/ngx_http_realip_module.html

引用自:https://serverfault.com/questions/406716

相關問答

Nginx

HAProxy 配置中的多個 forwardfor 命令

  • May 4, 2021
檢視問答
Nginx

如果 HAProxy 後端 nginx 伺服器無法連接到 Unicorn,則將其取消輪換

  • April 16, 2014
檢視問答
Nginx

比較使用 HAProxy 和 Nginx 的 HTTP 負載平衡

  • October 12, 2012
檢視問答
Nginx

HTTP 反向代理是否通常在代理連接的客戶端而不是伺服器端啟用 HTTP Keep-Alive?

  • September 12, 2012
檢視問答
Nginx

如何決定是否需要將 HAProxy 引入我的 Web 應用程序的 nginx-unicorn 堆棧?

  • March 5, 2012
檢視問答
Nginx

從本地網路訪問 nginx

  • September 16, 2022
檢視問答