设置反向代理
使用Nginx,配置用域名进行访问,需使用websocket连接。
由于部署在公司内网,我这里使用了二层Nginx,第一层是在一台具有公网IP的ECS,第二层是一台路由器上转发到内网443端口上的虚拟机:
第一层Nginx上站点子配置:
# Nginx Second Configure File.
upstream Inc_nginx_tls {
server company_public_ip:53763;
}
server {
listen 80;
listen 443 ssl;
server_name ~^(imc|up)\.example\.com$;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
access_log logs/imc_access.log;
error_log logs/imc_error.log;
location / {
proxy_pass https://Inc_nginx_tls;
proxy_ssl_verify off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Nginx-Proxy true;
}
include vhosts/cert.bot;
}
我这里写的正则,监听处理imc和up两个域名地址。
第二层Nginx上为能够正确获取浏览器客户端访问的正确IP地址,需在主配置文件中添加从包头中获取真实IP地址:
http {
...
set_real_ip_from ecs_public_ip;
real_ip_header X-Forwarded-For;
include vhosts/*.conf;
}
站点子配置文件:
# Nginx Second Configure File.
# Uptime-kuma
upstream uptime {
# 接口
server 192.168.2.6:3001;
}
server {
listen 80;
listen 443 ssl;
server_name up.example.com;
ssl_certificate certs/chat-imc.crt;
ssl_certificate_key certs/chat-imc.key;
access_log logs/up_access.log;
error_log logs/up_error.log ;
# No Robots
location = /robots.txt {
return 200 "User-agent: *\nDisallow: /";
}
location / {
proxy_pass http://uptime/;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Nginx-Proxy true;
}
}
配置好后访问即可:
后记
此工具主要实现的是站点/地址的网络连通状态的监控,并提供一个美观直接的结果展示页面,如果要监控更为详细的数据,还需使用其它工具。