Detailed steps for yum configuration of nginx reverse proxy

Part.0 Background

The company's intranet servers cannot access the Internet directly, but in order to communicate with the external network and synchronize time, etc., several servers will be designated to access the Internet. Here, a machine with Internet access is used as a proxy to create a yum repository for intranet use.

Part 1 Environment

Intranet DNS (recommended, but not required, as IP can be used instead)

A server A that can access the Internet

Servers that cannot access the Internet can communicate with Server A

Part.2 nginx installation

Install nginx in A that can connect to the external network

yum install nginx

Part.3 nginx configuration

Add nginx configuration in host A

$ cd /etc/nginx/conf.d
$ vim proxy.conf

server {
  listen 80;
  #listen [::]:80;
  server_name mirrors.yourdomain.com;
  index index.html index.htm index.php default.html default.htm default.php;
  root /home/wwwroot/html;

  location /ubuntu/ {
   proxy_pass http://mirrors.aliyun.com/ubuntu/ ;
  }

  location /centos/ {
   proxy_pass http://mirrors.aliyun.com/centos/ ;
  }

  location /epel/ {
   proxy_pass http://mirrors.aliyun.com/epel/ ;
  }
 }

part.4 Configure yum repo source

Modify the repo file of host B that cannot connect to the external network.

$ cat /etc/yum.repos.d/CentOS-7.repo

[base]
name=CentOS-$releasever - Base - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/os/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/os/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#released updates 
[updates]
name=CentOS-$releasever - Updates - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/updates/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/updates/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/extras/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/extras/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/centosplus/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/centosplus/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
gpgcheck=1
enabled=0
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/contrib/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/contrib/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
gpgcheck=1
enabled=0
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

Part.5 Configuring hosts

$ cat /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.193 mirrors.yourdomain.com
# Ensure the A host IP and the reverse proxy address behind

Part.6 Configuring iptables

ping mirrors.yourdomain.com
#Error: No route to host

At this time, check the iptables information in host B and find that port 80 is inaccessible. You can add a rule at the beginning.

$ iptables -nvL

 8155 28M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0   
 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
11756 985K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

$ iptables -I INPUT -p tcp --dport 80 -j ACCEPT

Part 7 Test success

Perform the yum makecache operation on host B. To determine whether the yum operation can be performed.

$ yum clean all
$ yum makecache

Summarize

The above is the full content of this article. I hope that the content of this article will have certain reference learning value for your study or work. If you have any questions, you can leave a message to communicate. Thank you for your support for 123WORDPRESS.COM.

You may also be interested in:

Full process record of Nginx reverse proxy configuration
Detailed explanation of Nginx configuration parameters in Chinese (load balancing and reverse proxy)
Nginx forward and reverse proxy and load balancing functions configuration code example
Simple steps to configure Nginx reverse proxy with SSL
Nginx reverse proxy configuration removes prefix
Detailed explanation of nginx reverse proxy webSocket configuration
A universal nginx interface to implement reverse proxy configuration
Nginx reverse proxy configuration to remove prefix case tutorial

<<: Solve the problem that IN subquery in MySQL will cause the index to be unusable

>>: Detailed explanation of destructuring assignment syntax in Javascript

Summary of CSS gradient effects (linear-gradient and radial-gradient)

Detailed steps for yum configuration of nginx reverse proxy

Summary of CSS gradient effects (linear-gradient and radial-gradient)

A brief discussion on two methods to solve space-evenly compatibility issues

MySQL 5.7.18 MSI Installation Graphics Tutorial

A brief analysis of the difference between and and where in MySQL connection query

js returns to the previous page and refreshes the code

Mysql implements master-slave configuration and multi-master-multi-slave configuration

Detailed installation and use of SSH in Ubuntu environment

Analysis and summary of the impact of MySQL transactions on efficiency

CSS float (float, clear) popular explanation and experience sharing

CSS3 border effects

Recommend

Teach you how to enable the Linux subsystem of Win10 (with detailed pictures and text)

How to allow remote access to open ports in Linux

How to set mysql5.7 encoding set to utf8mb4

Detailed explanation of the Svelte implementation principle for simple and easy JavaScript development

Example code for Html layered box-shadow effect

Six inheritance methods in JS and their advantages and disadvantages

The latest popular script Autojs source code sharing

MySQL uses variables to implement various sorting

Difference and implementation of JavaScript anti-shake and throttling

Web design experience: Make the navigation system thin

Solution to Incorrect string value in MySQL

A detailed tutorial on master-slave replication and read-write separation of MySQL database

Complete steps to use mock.js in Vue project

SQL group by to remove duplicates and sort by other fields

Detailed explanation of JS homology strategy and CSRF