使用nginx做端口转发提供内网服务

需求：我的电脑里装了两个虚拟机。一个是nat加host-only网络环境，一个是‘nat网络’网络环境。

host-only的网络的虚拟机（后文简称A）里在80端口提供两个网站服务：homestead.test和bunian.cn。

nat网络的虚拟机（后文简称B）里在80端口提供一个网站服务：rocky.com。

我现在希望我的局域网中的其他电脑能访问我电脑里的这三个服务。

解决方案：使用nginx做端口转发。

一、网络环境

A的网络：

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255
        inet6 fe80::a00:27ff:fe9e:e528  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:9e:e5:28  txqueuelen 1000  (Ethernet)
        RX packets 32281  bytes 36852695 (36.8 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 12531  bytes 1588799 (1.5 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.10  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 fe80::a00:27ff:fee0:1b57  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:e0:1b:57  txqueuelen 1000  (Ethernet)
        RX packets 28364  bytes 5341677 (5.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 55262  bytes 111451643 (111.4 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 12857  bytes 4268810 (4.2 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 12857  bytes 4268810 (4.2 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

A有两个网卡，一个是NAT的，一个是Host-only的。192.168.10.10是host-only的地址。

B的IP是10.0.0.3，映射80端口到我本机（macbook）8080端口。

二、nginx配置

worker_processes  1;


events {
    worker_connections  1024;
}

http{
    upstream bn{
	server 127.0.0.1:8080;
    }
    upstream bunian{
	server 192.168.10.10:80;
    }

	server {
	    listen       80;
	    server_name  rocky.com;
	    access_log logs/book.log;
	    error_log logs/book.error;
	    
	    location / {
		proxy_set_header Host $host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_pass http://bn;
	    }
	}

	server {
	    listen       80;
	    server_name  bunian.cn;
	    access_log logs/movie.log;
	    error_log logs/movie.error;
	    
	    location / {
		proxy_set_header Host $host;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_pass http://bunian;
	    }
	}

	server {
	    listen       80;
	    server_name  homestead.test;
	    access_log logs/movie.log;
	    error_log logs/movie.error;
	    
	    location / {
		proxy_set_header host $host;
		proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
		proxy_pass http://bunian;
	    }
	}

}

三、本机Host配置

127.0.0.1       rocky.com
127.0.0.1 bunian.cn
127.0.0.1 homestead.test

四、总结

就是通过nginx开放本机的80端口给局域网的用户访问。然后再通过nginx的端口转发功能将对应的请求转发到对应的电脑上。同一台虚拟机上多个网站都采用80端口提供服务的，使用server_name来区分。