通过nginx实现智能家居自动内外网切换

设置同一个域名内外网分别访问对应的ip

搞了HomeAssistant的外网访问后,内外网访问需要不同的地址,导致一些不必要的麻烦。通过host+nginx配置可以实现同一个域名内网下访问内网ip,外网访问外网ip

内网host配置

192.168.31.51 Smartplugconnect.phicomm.com
192.168.31.51 minipc.yzapp.cn
192.168.31.51 hass.yzapp.cn
192.168.31.51 docker.yzapp.cn
192.168.31.51 kodi.yzapp.cn

内网nginx配置(除了proxy_pass基本和外网的服务器配置一样)

...

stream {
    upstream ssh {
        server 127.0.0.1:22;
    }
    server {
        listen XXX;
        proxy_pass ssh;
        proxy_connect_timeout 1h;
        proxy_timeout 1h;
    }
}

http {

    ...

    server {
        listen 443;
        server_name hass.yzapp.cn; #填写绑定证书的域名
        ssl on;
        ssl_certificate /usr/local/nginx/conf/1_hass.yzapp.cn_bundle.crt;
        ssl_certificate_key /usr/local/nginx/conf/2_hass.yzapp.cn.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_pass http://127.0.0.1:8123;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_max_temp_file_size 0;
            proxy_redirect off;
            proxy_read_timeout 240s;
        }
       }
    server {
        listen 443;
        server_name docker.yzapp.cn; #填写绑定证书的域名
        ssl on;
        ssl_certificate /usr/local/nginx/conf/1_docker.yzapp.cn_bundle.crt;
        ssl_certificate_key /usr/local/nginx/conf/2_docker.yzapp.cn.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_pass http://127.0.0.1:9000;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_max_temp_file_size 0;
            proxy_redirect off;
            proxy_read_timeout 240s;
        }
    }

    server {
        listen 443 ssl;
        server_name kodi.yzapp.cn; #填写绑定证书的域名
        # ssl on;
        ssl_certificate C:/Users/nesto/soft/nginx-1.18.0/conf/1_kodi.yzapp.cn_bundle.crt;
        ssl_certificate_key C:/Users/nesto/soft/nginx-1.18.0/conf/2_kodi.yzapp.cn.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_max_temp_file_size 0;
            proxy_redirect off;
            proxy_read_timeout 240s;
        }
    }

    server {  
        listen 80;  
        server_name kodi.yzapp.cn;  
    
        rewrite ^(.*)$  https://$host$1 permanent;  
    }

    server {  
        listen 80;  
        server_name hass.yzapp.cn;  
    
        rewrite ^(.*)$  https://$host$1 permanent;  
    } 
    server {  
        listen 80;  
        server_name docker.yzapp.cn;  
    
        rewrite ^(.*)$  https://$host$1 permanent;  
    }

    ...
}

你可能感兴趣的:(通过nginx实现智能家居自动内外网切换)