Detailed steps for yum configuration of nginx reverse proxy

Part.0 Background

The company's intranet servers cannot access the Internet directly, but in order to communicate with the external network and synchronize time, etc., several servers will be designated to access the Internet. Here, a machine with Internet access is used as a proxy to create a yum repository for intranet use.

Part 1 Environment

Intranet DNS (recommended, but not required, as IP can be used instead)

A server A that can access the Internet

Servers that cannot access the Internet can communicate with Server A

Part.2 nginx installation

Install nginx in A that can connect to the external network

yum install nginx

Part.3 nginx configuration

Add nginx configuration in host A

$ cd /etc/nginx/conf.d
$ vim proxy.conf

server {
  listen 80;
  #listen [::]:80;
  server_name mirrors.yourdomain.com;
  index index.html index.htm index.php default.html default.htm default.php;
  root /home/wwwroot/html;

  location /ubuntu/ {
   proxy_pass http://mirrors.aliyun.com/ubuntu/ ;
  }

  location /centos/ {
   proxy_pass http://mirrors.aliyun.com/centos/ ;
  }

  location /epel/ {
   proxy_pass http://mirrors.aliyun.com/epel/ ;
  }
 }

part.4 Configure yum repo source

Modify the repo file of host B that cannot connect to the external network.

$ cat /etc/yum.repos.d/CentOS-7.repo

[base]
name=CentOS-$releasever - Base - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/os/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/os/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#released updates 
[updates]
name=CentOS-$releasever - Updates - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/updates/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/updates/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/extras/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/extras/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/centosplus/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/centosplus/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
gpgcheck=1
enabled=0
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/contrib/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/contrib/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
gpgcheck=1
enabled=0
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

Part.5 Configuring hosts

$ cat /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.193 mirrors.yourdomain.com
# Ensure the A host IP and the reverse proxy address behind

Part.6 Configuring iptables

ping mirrors.yourdomain.com
#Error: No route to host

At this time, check the iptables information in host B and find that port 80 is inaccessible. You can add a rule at the beginning.

$ iptables -nvL

 8155 28M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0   
 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
11756 985K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

$ iptables -I INPUT -p tcp --dport 80 -j ACCEPT

Part 7 Test success

Perform the yum makecache operation on host B. To determine whether the yum operation can be performed.

$ yum clean all
$ yum makecache

Summarize

The above is the full content of this article. I hope that the content of this article will have certain reference learning value for your study or work. If you have any questions, you can leave a message to communicate. Thank you for your support for 123WORDPRESS.COM.

You may also be interested in:

Full process record of Nginx reverse proxy configuration
Detailed explanation of Nginx configuration parameters in Chinese (load balancing and reverse proxy)
Nginx forward and reverse proxy and load balancing functions configuration code example
Simple steps to configure Nginx reverse proxy with SSL
Nginx reverse proxy configuration removes prefix
Detailed explanation of nginx reverse proxy webSocket configuration
A universal nginx interface to implement reverse proxy configuration
Nginx reverse proxy configuration to remove prefix case tutorial

<<: Solve the problem that IN subquery in MySQL will cause the index to be unusable

>>: Detailed explanation of destructuring assignment syntax in Javascript

How to make your JavaScript functions more elegant

Detailed steps for yum configuration of nginx reverse proxy

How to make your JavaScript functions more elegant

Detailed explanation of building a continuous integration cluster service based on docker-swarm

MySQL executes commands for external sql script files

How to enter and exit the Docker container

Basic tutorial on using explain statement in MySQL

Best Practices Guide for Storing Dates in MySQL

Docker installs the official Redis image and enables password authentication

A brief discussion on CSS3 animation jamming solutions

Sql query MySql database table name and description table field (column) information

Simple implementation of ignoring foreign key constraints when deleting MySQL tables

Recommend

Solution to the VMware virtual machine prompt that the exclusive lock of this configuration file failed

HTML pop-up transparent layer instance size can be set and can be proportional

Practical example of Vue virtual list

Detailed explanation of the reason why the MySQL 5.7 slow query log time is 8 hours behind the system time

Implementation of Mysql User Rights Management

JavaScript implements H5 gold coin function (example code)

A brief discussion on whether MySQL can have a function similar to Oracle's nvl

How to connect XShell and network configuration in CentOS7

A very detailed tutorial on installing rocketmq under Docker Desktop

About uniApp editor WeChat sliding problem

Detailed explanation of MySQL database binlog cleanup command

Detailed explanation of Vue filters

Use Vue3 to implement a component that can be called with js

How complicated is the priority of CSS styles?

Solve the problem of Navicat for MySQL reporting 2005 error when connecting to MySQL