Skip to main content

Forward Proxy with proxy_pass Module

Step 1: Build Nginx with proxy_pass module from source code 

sudo -i
mkdir /nginx && cd /nginx
yum install -y gcc pcre-devel openssl-devel zlib-devel patch
wget https://github.com/chobits/ngx_http_proxy_connect_module/archive/refs/tags/v0.0.5.tar.gz
wget http://nginx.org/download/nginx-1.25.3.tar.gz
wget https://raw.githubusercontent.com/chobits/ngx_http_proxy_connect_module/master/patch/proxy_connect_rewrite_102101.patch
tar -xzvf v0.0.5.tar.gz
tar -xzvf nginx-1.25.3.tar.gz
cd nginx-1.25.3/
patch -p1 < /nginx/proxy_connect_rewrite_102101.patch
./configure \
--user=www \
--group=www \
--prefix=/usr/local/nginx \
--with-http_ssl_module \
--with-http_stub_status_module \
--with-http_realip_module \
--with-threads \
--add-module=/tmp/ngx_http_proxy_connect_module-0.0.5 \
--with-cc-opt="-Wno-error"
make && make install
useradd www

Step 2: Create a niginx service file 

Copy the text below and save it as /lib/systemd/system/nginx.service.

[Unit]
Description=The NGINX HTTP and reverse proxy server
After=syslog.target network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target

[Service]
Type=forking
PIDFile=/run/nginx.pid
ExecStartPre=/usr/local/nginx/sbin/nginx-t
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true

[Install]
WantedBy=multi-user.target

Step 3: Reload services systemctl daemon-reload

systemctl daemon-reload

Step 4: Edit nginx config file

Edit the /usr/local/nginx/conf/nginx.conf.

user www;
worker_processes auto;
pid /run/nginx.pid;

error_log  logs/error.log;
error_log  logs/error.log  notice;
error_log  logs/error.log  info;

events {
    worker_connections  1024;
}

http {
    include mime.types;
    default_type application/octet-stream;

    sendfile on;
    keepalive_timeout 65;

 # Can delete this if you don't need
 # For testing purposes
    server {
        listen 80;
        server_name localhost;
        location / {
            root html;
            index index.html index.htm;
        }
        error_page 404 /404.html;
    }

 # Forwarding Configuration
    server {
  # Listen to what port number?
        listen 8080;

        # dns resolver used by forward proxying
        resolver 192.168.1.4;

        # forward proxy for CONNECT requests
        proxy_connect;
        proxy_connect_allow 443 563;
        proxy_connect_connect_timeout 10s;
        proxy_connect_data_timeout 10s;

        # defined by yourself for non-CONNECT requests
        # Example: reverse proxy for non-CONNECT requests
        location / {
            proxy_pass http://$host;
            proxy_set_header Host $host;
        }
    }
}

Step 5: Start nginx service

systemctl enable nginx
systemctl start nginx

And the manually configure proxy to clients. 

 

No Comments
Back to top