背景

一般代理分为正向的和反向的代理,这里不展开讲,因为我最近刚刚好在弄爬虫需要代理IP,所以下文就讲如何使用Nginx搭建一个正向的代理IP。

前置条件

  • 一台有公网IP的云服务器
  • 防火墙的端口已经开放
  • ubuntu22.04(非必要,只是我的机器是这个)

安装Ningx

提示

  1. nginx 正向代理默认只支持 http,
  2. https 的支持需借助第三方模块 ngx_http_proxy_connect_module实现;

代理http

安装

如果只代理http可以直接通过yum或者apt安装nginx.

配置

server {
    resolver 114.114.114.114;       #指定DNS服务器IP地址
    listen 58080;                   # 监听的端口

  location / {
        proxy_pass http://$http_host$request_uri;     #设定代理服务器的协议和地址
                proxy_set_header HOST $host;
                proxy_buffers 256 4k;
                proxy_connect_timeout 30;
    }
}

代理https

代理https就需要添加上面说的ngx_http_proxy_connect_module三方模块

安装

  1. 安装依赖
    apt -y install make gcc openssl libssl-dev libxml2 libxml2-dev libxslt-dev build-essential libpcre3 libpcre3-dev zlib1g-dev libbrotli1 libbrotli-dev libgd-dev libgeoip-dev
  2. 下载nginx和三方模块ngx_http_proxy_connect_module并解压

    网速慢可以官网下载后上传

wget https://nginx.org/download/nginx-1.24.0.tar.gz
wget https://github.com/chobits/ngx_http_proxy_connect_module/archive/refs/tags/v0.0.5.tar.gz
tar -xzvf nginx-1.24.0.tar.gz
tar -xzvf v0.0.5.tar.gz
mv ngx_http_proxy_connect_module-0.0.5 ngx_http_proxy_connect_module
  1. 添加改模块

    注意这里对应的依赖
    Alt text

    cd nginx-1.24.0.tar.gz/
    patch -p1 < /path/to/ngx_http_proxy_connect_module/patch/proxy_connect.patch
    ./configure --prefix=/usr/local/nginx --pid-path=/var/run/nginx.pid --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream --with-stream_ssl_module --with-mail=dynamic --with-mail_ssl_module --with-stream_realip_module --with-http_geoip_module --add-module=/opt/ngx_http_proxy_connect_module

  2. 编译安装
    make -j4 && make install
  3. 添加环境变量和systemctl
    cp /usr/local/nginx/sbin/nginx /bin/
    cp /usr/local/nginx/sbin/nginx /usr/sbin/nginx
    cat >> /etc/systemd/system/nginx.service <<EOF
    [Unit]
    Description=A high performance web server and a reverse proxy server
    Documentation=man:nginx(8)
    After=network.target

    [Service]
    Type=forking
    PIDFile=/var/run/nginx.pid
    ExecStartPre=/usr/local/nginx/sbin/nginx -t -q -g 'daemon on; master_process on;'
    ExecStart=/usr/local/nginx/sbin/nginx -g 'daemon on; master_process on;'
    ExecReload=/usr/local/nginx/sbin/nginx -g 'daemon on; master_process on;' -s reload
    ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /var/run/nginx.pid
    TimeoutStopSec=5
    KillMode=mixed

    [Install]
    WantedBy=multi-user.target
    EOF


    systemctl daemon-reload
    systemctl start nginx.service
    systemctl enable nginx.service
    systemctl status nginx.service

配置

server {
  
  listen 58443;      # dns resolver used by forward proxying
  resolver 8.8.8.8;
  proxy_connect;     # forward proxy for CONNECT request

  proxy_connect_allow 443 80;
  proxy_connect_connect_timeout 10s;
  proxy_connect_read_timeout 10s;
  proxy_connect_send_timeout 10s;

    location / {
        proxy_pass $scheme://$http_host$request_uri;
        proxy_set_header Host $host;

    }

}

测试

curl  --proxy xxx.xxx.xxx.xxx:xx http://www.baidu.com