If the company has wechat development needs, there must be a registered domain name and port 80
Staff development and debugging is a problem, if every time looking for transportation, maintenance, maintenance, will be K.
The switch sets up the DMZ to a fixed server on which to deploy Nginx/OpenResty
We can implement gitlab(SVN)+ Jenkins/Ansible and other operation and maintenance methods to commit the configuration file to GitLab to trigger CI/CD push to nginx server, and perform reload
Of course, there are workarounds, such as openResty + Lua subscribing to Redis, discovering changes, reading the redis configuration, rewriting to the local configuration file and reloading, but it is always cumbersome
The following is a dynamic domain name scheme with server_name set as a wildcard
server { listen 443 http2 ssl; listen 80; server_name ~(? <h>.+)_(? <a>\d+)_(? <b>\d+).domain.com; location / { //proxy settings ... //proxy_set_header Host $h; Proxy_pass http://192.168.$a.$b; }}Copy the code
Method of use
Install nginx on the developer machine and configure the corresponding vhost
server {
listen 80;
server_name abc*;
location / {
root html;
indexindex.html; }}Copy the code
curl http[s]://abc_1_1.domain.com
Copy the code
Is equal to the
curl -H"abc_1_1.domain.com"[s] HTTP: / / 192.168.1.1Copy the code
Why is it separated by _ and not by. For example, *. Domain.com supports only a.domian.com. A.b.domain.com is invalid. If you do not need HTTPS access (small programs need HTTPS), You can modify it to. separated
Note that this solution has some security risks, such as IP blasting (you can set up whitelist access, basic auth, and limit the dynamic IP range).
Advantages are simple maintenance (add domain name, change domain name -> IP mapping, modify configuration, collect data, print logs, etc.)
This article is only one of the reverse proxy, similar to the reverse proxy scheme FRP and NGROK, can also use DNS (BIND, DNSMasq).