nginx反向代理emqx
1. docker部署emqx
services:
emqx:
image: emqx/emqx:5.10.0
container_name: emqx4
privileged: true
#restart: always
environment:
- "EMQX_NODE_NAME=emqx@node1.emqx.io"
- "EMQX_CLUSTER__DISCOVERY_STRATEGY=static"
healthcheck:
test: ["CMD", "/opt/emqx/bin/emqx", "ctl", "status"]
interval: 5s
timeout: 25s
retries: 5
networks:
emqx-bridge:
aliases:
- node1.emqx.io
ports:
- 1883:1883
- 8083:8083
- 8084:8084
- 8883:8883
- 18083:18083
volumes:
# - /volume1/docker/emqx/data:/opt/emqx/data
- /volume1/docker/emqx/emqx4/emqx.conf:/opt/emqx/opt/etc/emqx.conf
- /volume1/docker/emqx/log:/opt/emqx/log
networks:
emqx-bridge:
driver: bridge
2. nginx配置文件
nginx.conf文件:
user www www;
worker_processes auto;
error_log /www/wwwlogs/nginx_error.log crit;
pid /www/server/nginx/logs/nginx.pid;
worker_rlimit_nofile 51200;
stream {
# 定义日志格式
log_format tcp_format '$time_local|$remote_addr|$protocol|$status|$bytes_sent|$bytes_received|$session_time|$upstream_addr|$upstream_bytes_sent|$upstream_bytes_received|$upstream_connect_time';
allow all;
access_log /home/eason/dywl/nginx/log/tcp-access.log tcp_format;
error_log /home/eason/dywl/nginx/log/tcp-error.log;
#include /www/server/panel/vhost/nginx/tcp/*.conf;
include /home/eason/dywl/nginx/bt-conf/tcp/*.conf;
}
events
{
use epoll;
worker_connections 51200;
multi_accept on;
}
http
{
include mime.types;
#include luawaf.conf;
include proxy.conf;
lua_package_path "/www/server/nginx/lib/lua/?.lua;;";
default_type application/octet-stream;
server_names_hash_bucket_size 512;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 5;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/json image/jpeg image/gif image/png font/ttf font/otf image/svg+xml application/xml+rss text/x-js;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
limit_conn_zone $binary_remote_addr zone=perip:10m;
limit_conn_zone $server_name zone=perserver:10m;
server_tokens off;
access_log off;
include /www/server/panel/vhost/nginx/*.conf;
include /home/eason/dywl/nginx/bt-conf/*.conf;
}
tcp.mqtt.conf放在文件夹/home/eason/dywl/nginx/bt-conf/tcp下
# MQTT TCP 代理 (1883)
server {
listen 1883;
proxy_pass 10.8.0.4:1883;
#proxy_protocol on; # 开启 PROXY 协议传递真实 IP
#proxy_bind $remote_addr transparent; # 绑定真实I
proxy_connect_timeout 10s;
proxy_timeout 1800s; # 默认心跳时间
proxy_buffer_size 3M;
tcp_nodelay on;
access_log /home/eason/dywl/nginx/log/mqtt_tcp_access.log tcp_format;
error_log /home/eason/dywl/nginx/log/mqtt_tcp_error.log;
}
emqx界面中配置
以上是透传模式。
如果采用代理模式,需要配置#proxy_protocol on配置项开启,则需要配置下面设置,这个时候mqttx连接不上emqx
管理——监听器
代理协议修改为true