Detailed steps for yum configuration of nginx reverse proxy

Part.0 Background

The company's intranet servers cannot access the Internet directly, but in order to communicate with the external network and synchronize time, etc., several servers will be designated to access the Internet. Here, a machine with Internet access is used as a proxy to create a yum repository for intranet use.

Part 1 Environment

Intranet DNS (recommended, but not required, as IP can be used instead)

A server A that can access the Internet

Servers that cannot access the Internet can communicate with Server A

Part.2 nginx installation

Install nginx in A that can connect to the external network

yum install nginx

Part.3 nginx configuration

Add nginx configuration in host A

$ cd /etc/nginx/conf.d
$ vim proxy.conf

server {
  listen 80;
  #listen [::]:80;
  server_name mirrors.yourdomain.com;
  index index.html index.htm index.php default.html default.htm default.php;
  root /home/wwwroot/html;

  location /ubuntu/ {
   proxy_pass http://mirrors.aliyun.com/ubuntu/ ;
  }

  location /centos/ {
   proxy_pass http://mirrors.aliyun.com/centos/ ;
  }

  location /epel/ {
   proxy_pass http://mirrors.aliyun.com/epel/ ;
  }
 }

part.4 Configure yum repo source

Modify the repo file of host B that cannot connect to the external network.

$ cat /etc/yum.repos.d/CentOS-7.repo

[base]
name=CentOS-$releasever - Base - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/os/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/os/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#released updates 
[updates]
name=CentOS-$releasever - Updates - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/updates/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/updates/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/extras/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/extras/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
gpgcheck=1
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/centosplus/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/centosplus/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
gpgcheck=1
enabled=0
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib - mirrors.yourdomain.com
failovermethod=priority
baseurl=http://mirrors.yourdomain.com/centos/$releasever/contrib/$basearch/
  http://mirrors.yourdomain.com/centos/$releasever/contrib/$basearch/
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
gpgcheck=1
enabled=0
gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7

Part.5 Configuring hosts

$ cat /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.193 mirrors.yourdomain.com
# Ensure the A host IP and the reverse proxy address behind

Part.6 Configuring iptables

ping mirrors.yourdomain.com
#Error: No route to host

At this time, check the iptables information in host B and find that port 80 is inaccessible. You can add a rule at the beginning.

$ iptables -nvL

 8155 28M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0   
11761 985K INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0   
 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
11756 985K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

$ iptables -I INPUT -p tcp --dport 80 -j ACCEPT

Part 7 Test success

Perform the yum makecache operation on host B. To determine whether the yum operation can be performed.

$ yum clean all
$ yum makecache

Summarize

The above is the full content of this article. I hope that the content of this article will have certain reference learning value for your study or work. If you have any questions, you can leave a message to communicate. Thank you for your support for 123WORDPRESS.COM.

You may also be interested in:

Full process record of Nginx reverse proxy configuration
Detailed explanation of Nginx configuration parameters in Chinese (load balancing and reverse proxy)
Nginx forward and reverse proxy and load balancing functions configuration code example
Simple steps to configure Nginx reverse proxy with SSL
Nginx reverse proxy configuration removes prefix
Detailed explanation of nginx reverse proxy webSocket configuration
A universal nginx interface to implement reverse proxy configuration
Nginx reverse proxy configuration to remove prefix case tutorial

<<: Solve the problem that IN subquery in MySQL will cause the index to be unusable

>>: Detailed explanation of destructuring assignment syntax in Javascript

Linux concurrent execution is simple, just do it this way

Detailed steps for yum configuration of nginx reverse proxy

Linux concurrent execution is simple, just do it this way

How to create a basic image of the Python runtime environment using Docker

How to play local media (video and audio) files using HTML and JavaScript

Vue commonly used high-order functions and comprehensive examples

Detailed explanation of selinux basic configuration tutorial in Linux

How to change fixed positioning of child elements to absolute positioning by CSS3 transform

Detailed steps to install Docker 1.8 on CentOS 7

How to use @media in mobile adaptive styles

Implementation idea of left alignment of the last row of flex box layout

【Web Design】Share E-WebTemplates exquisite foreign web page templates (FLASH+PSD source file+HTML)

Recommend

A brief analysis of the usage of HTML float

jQuery implements percentage scoring progress bar

Overview of time configuration under Linux system

UDP DUP timeout UPD port status detection code example

MySQL learning to create and operate databases and table DDL for beginners

Tips for optimizing MySQL SQL statements

Steps to set up HTTPS website based on Nginx

Record the whole process of MySQL master-slave configuration based on Linux

Detailed explanation of zabbix executing scripts or instructions on remote hosts

Nginx one domain name to access multiple projects method example

MySql COALESCE function usage code example

Analysis of the process of configuring Alibaba Cloud proxy warehouse based on Nexus

Each time Docker starts a container, the IP and hosts specified operations

Python writes output to csv operation

Use of Docker UI, a Docker visualization management tool