准备:
购买一台香港区服务器
购买一个跨境带宽包, (需要拿企业营业执照备案)
购买一个云企业网
安装nginx
这个nginx是阿里云二次开发的,引入的也是特殊的模块,配置也不一样
sudo yum install yum-utils -yvim /etc/yum.repos.d/nginx.repo[root@iZj6c0od2gvqtan4qpaapcZ ~]# cat /etc/yum.repos.d/nginx.repo[nginx-stable]name=nginx stable repobaseurl=http://nginx.org/packages/centos/$releasever/$basearch/gpgcheck=1enabled=1gpgkey=https://nginx.org/keys/nginx_signing.keymodule_hotfixes=true[nginx-mainline]name=nginx mainline repobaseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/gpgcheck=1enabled=0gpgkey=https://nginx.org/keys/nginx_signing.keymodule_hotfixes=truesudo yum install yum-sudo yum-config-manager --enable nginx-mainlinesudo yum install nginx -ysudo setsebool -P httpd_can_network_connect 1systemctl start nginx
配置
user nginx;worker_processes auto;error_log /var/log/nginx/error.log;pid /run/nginx.pid;include /usr/share/nginx/modules/*.conf;events {use epoll;worker_connections 4096;}stream {map $ssl_preread_server_name $backend_pool {https://www.apple.com $ssl_preread_server_name:$server_port;https://www.google.com $ssl_preread_server_name:$server_port;https://www.facebook.com $ssl_preread_server_name:$server_port;https://www.googleapis.com $ssl_preread_server_name:$server_port;https://oauth2.googleapis.com $ssl_preread_server_name:$server_port;googleapis.com $ssl_preread_server_name:$server_port;oauth2.googleapis.com $ssl_preread_server_name:$server_port;apple.com $ssl_preread_server_name:$server_port;~.*\.apple\.com $ssl_preread_server_name:$server_port;google.com $ssl_preread_server_name:$server_port;facebook.com $ssl_preread_server_name:$server_port;~.*\.facebook\.com $ssl_preread_server_name:$server_port;~.*\.oauth2.googleapis\.com $ssl_preread_server_name:$server_port;~.*\.googleapis\.com $ssl_preread_server_name:$server_port;~.*\.google\.com $ssl_preread_server_name:$server_port;default "";}server {listen 443;ssl_preread on;resolver 8.8.8.8;proxy_pass $backend_pool;}}http {log_format main '$remote_addr - $remote_user [$time_local] $host$request_uri "$request" ''$status $body_bytes_sent "$http_referer" ''"$http_user_agent" "$http_x_forwarded_for"';access_log /var/log/nginx/access.log main;sendfile on;tcp_nopush on;tcp_nodelay on;keepalive_timeout 65;types_hash_max_size 2048;gzip on;gzip_comp_level 6;gzip_http_version 1.1;gzip_proxied any;gzip_min_length 1k;gzip_buffers 16 8k;gzip_types text/plain text/css text/javascript application/json application/javascript application/x-javascript application/xml;gzip_vary on;#end gzipclient_max_body_size 10m; client_body_buffer_size 128k;proxy_buffer_size 128k;proxy_buffers 32 64k;proxy_busy_buffers_size 256k;proxy_connect_timeout 60;proxy_send_timeout 60;proxy_read_timeout 60;include /etc/nginx/mime.types;default_type application/octet-stream;include /etc/nginx/conf.d/*.conf;server {listen 80 default_server;listen [::]:80 default_server;server_name _;# Load configuration files for the default server block.include /etc/nginx/default.d/*.conf;location / {set $is_allow 0;if ($host = 'www.apple.com') {set $is_allow 1;}if ($host = 'www.facebook.com') {set $is_allow 1;}if ($host = 'www.google.com') {set $is_allow 1;}if ($host = 'www.googleapis.com') {set $is_allow 1;}if ($host = 'apple.com') {set $is_allow 1;}if ($host = 'facebook.com') {set $is_allow 1;}if ($host = 'google.com') {set $is_allow 1;}if ($host = 'googleapis.com') {set $is_allow 1;}if ($host ~ '.*\.office365\.com') {set $is_allow 1;}if ($is_allow = 0) {return 404;}proxy_set_header Host $host;proxy_set_header Accept-Encoding "";proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header Cookie $http_cookie;resolver 8.8.8.8;proxy_pass http://$host:$server_port$request_uri;}}}
PrivateZone
云解析DNS—-》PrivateZone—-》添加Zone
点击解析设置,进去添加记录,解析泛域名,记录值是香港服务器内网ip:172.21.15.93
若有收获,就点个赞吧
0 人点赞
