設(shè)置同一個(gè)域名內(nèi)外網(wǎng)分別訪問對(duì)應(yīng)的ip

搞了HomeAssistant的外網(wǎng)訪問后，內(nèi)外網(wǎng)訪問需要不同的地址，導(dǎo)致一些不必要的麻煩。通過host+nginx配置可以實(shí)現(xiàn)同一個(gè)域名內(nèi)網(wǎng)下訪問內(nèi)網(wǎng)ip，外網(wǎng)訪問外網(wǎng)ip

內(nèi)網(wǎng)host配置

192.168.31.51 Smartplugconnect.phicomm.com
192.168.31.51 minipc.yzapp.cn
192.168.31.51 hass.yzapp.cn
192.168.31.51 docker.yzapp.cn
192.168.31.51 kodi.yzapp.cn

內(nèi)網(wǎng)nginx配置（除了proxy_pass基本和外網(wǎng)的服務(wù)器配置一樣）

...

stream {
    upstream ssh {
        server 127.0.0.1:22;
    }
    server {
        listen XXX;
        proxy_pass ssh;
        proxy_connect_timeout 1h;
        proxy_timeout 1h;
    }
}

http {

    ...

    server {
        listen 443;
        server_name hass.yzapp.cn; #填寫綁定證書的域名
        ssl on;
        ssl_certificate /usr/local/nginx/conf/1_hass.yzapp.cn_bundle.crt;
        ssl_certificate_key /usr/local/nginx/conf/2_hass.yzapp.cn.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_pass http://127.0.0.1:8123;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_max_temp_file_size 0;
            proxy_redirect off;
            proxy_read_timeout 240s;
        }
       }
    server {
        listen 443;
        server_name docker.yzapp.cn; #填寫綁定證書的域名
        ssl on;
        ssl_certificate /usr/local/nginx/conf/1_docker.yzapp.cn_bundle.crt;
        ssl_certificate_key /usr/local/nginx/conf/2_docker.yzapp.cn.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_pass http://127.0.0.1:9000;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_max_temp_file_size 0;
            proxy_redirect off;
            proxy_read_timeout 240s;
        }
    }

    server {
        listen 443 ssl;
        server_name kodi.yzapp.cn; #填寫綁定證書的域名
        # ssl on;
        ssl_certificate C:/Users/nesto/soft/nginx-1.18.0/conf/1_kodi.yzapp.cn_bundle.crt;
        ssl_certificate_key C:/Users/nesto/soft/nginx-1.18.0/conf/2_kodi.yzapp.cn.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
        ssl_prefer_server_ciphers on;
        location / {
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_max_temp_file_size 0;
            proxy_redirect off;
            proxy_read_timeout 240s;
        }
    }

    server {  
        listen 80;  
        server_name kodi.yzapp.cn;  
    
        rewrite ^(.*)$  https://$host$1 permanent;  
    }

    server {  
        listen 80;  
        server_name hass.yzapp.cn;  
    
        rewrite ^(.*)$  https://$host$1 permanent;  
    } 
    server {  
        listen 80;  
        server_name docker.yzapp.cn;  
    
        rewrite ^(.*)$  https://$host$1 permanent;  
    }

    ...
}