我想从 web socket api 获取信息,这需要发送一个 api-key 作为查询字符串,所以我想使用 nginx 作为反向代理来获取请求,然后添加 api-key 。之后将此请求发送到目标 url(我不希望我的用户能够检查浏览器并找到该密钥!!!)
下面是我的 Nuxtjs 应用发送的请求:
http://my-site.com/ws/signalr/negotiate?clientProtocol=2.1
这是 /etc/nginx/sites-available/my-site.com 中的 nginx 配置:
server {
listen 80; # the port nginx is listening on
server_name my-site.com; # setup your domain here
gzip on;
gzip_types text/plain application/xml text/css application/javascript;
gzip_min_length 1000;
charset utf-8;
root /var/www/mysite;
location ~* \.(?:ico|gif|jpe?g|png|woff2?|eot|otf|ttf|svg|js|css)$ {
expires $expires;
add_header Pragma public;
add_header Cache-Control "public";
try_files $uri $uri/ @proxy;
}
location / {
expires $expires;
#add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' https: data:; base-uri 'self';";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header X-Frame-Options "SAMEORIGIN";
try_files $uri $uri/index.html @proxy; # for generate.subFolders: true
# try_files $uri $uri.html @proxy; # for generate.subFolders: false
}
location /ws/ {
proxy_pass https://external-api.net:7890/;
set $args $args&apiKey=MYAPIKEY;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host external-api.net;
}
但这在 error.log 中给了我一个错误:
上游超时(110:未知错误),同时 SSL 与上游握手,客户端:x.x.x.x,服务器:my-site.com,请求:“GET /ws/signalr/negotiate?clientProtocol=2.1 HTTP/1.1”,上游:“ https://y.y.y.y:7890/signalr/negotiate?clientProtocol=2.1&apiKey=MYAPIKEY", host: "my-site.com"
我怎样才能完成这项工作?
仅供参考:我不使用 Docker、容器或负载均衡器。所以我没有把上游放在我的 nginx 配置中。 将
proxy_read_timeout 3600;
添加到我的位置块没有用。