简言 在政府,医院等单位有网络安全要求,对内外网进行物理隔离,然后内网主机无法访问互联网下载安装包,通过Nginx反向代理搭建本地yum服务器实现内网主机安装包下载。
Centos8.2部署Nginx Server 系统版本 1 2 [root@yum-server ~]# cat /etc/redhat-release CentOS Linux release 8.2.2004 (Core)
配置Nginx源 1 2 3 进入到源文件路径中,新建nginx.repo cd /etc/yum.repos.d/ mkdir nginx.repo
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 cat nginx.repo [nginx-stable] name=nginx stable repo baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ gpgcheck=1 enabled=1 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true [nginx-mainline] name=nginx mainline repo baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ gpgcheck=1 enabled=0 gpgkey=https://nginx.org/keys/nginx_signing.key module_hotfixes=true
安装Nginx
查看nginx软件包信息
Nginx配置文件 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 cd /etc/nginx/conf.d/ 新建default.conf server { listen 1888; location /software/ { root /mnt/nginx; autoindex on; autoindex_exact_size off; autoindex_localtime on; charset utf-8,gbk,gb2312; } error_page 500 502 503 504 /50x.html; location = /50x.html { root /mnt/nginx; } location /centos/ { proxy_pass http://mirrors.aliyun.com/centos/; } location /zabbix/ { proxy_pass http://mirrors.aliyun.com/zabbix/; } location = /nginx_status { stub_status on; access_log /var/log/nginx/status.log; allow 127.0.0.1; deny all; } }
注释
1 2 3 4 >autoindex on; # 开启目录文件列表 >autoindex_exact_size on; # 显示出文件的确切大小,单位是bytes >autoindex_localtime on; # 显示的文件时间为文件的服务器时间 >charset utf-8,gbk,gb2312; # 避免中文乱码
防火墙配置
1 2 >firewall-cmd --add-port=1888 /tcp --permanent >firewall-cmd --reload
目录访问测试
内网主机修改repo文件 修改CentOS-Base.repo文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 [base] name=CentOS-$releasever - Base - 192.168.21.32:1888 baseurl=http://192.168.21.32:1888/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=http://192.168.21.32:1888/centos/RPM-GPG-KEY-CentOS-7 #released updates [updates] name=CentOS-$releasever - Updates - 192.168.21.32:1888 baseurl=http://192.168.21.32:1888/centos/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=http://192.168.21.32:1888/centos/RPM-GPG-KEY-CentOS-7 #additional packages that may be useful [extras] name=CentOS-$releasever - Extras - 192.168.21.32:1888 baseurl=http://192.168.21.32:1888/centos/$releasever/extras/$basearch/ gpgcheck=1 gpgkey=http://192.168.21.32:1888/centos/RPM-GPG-KEY-CentOS-7 #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus - 192.168.21.32:1888 baseurl=http://192.168.21.32:1888/centos/$releasever/centosplus/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://192.168.21.32:1888/centos/RPM-GPG-KEY-CentOS-7 #contrib - packages by Centos Users [contrib] name=CentOS-$releasever - Contrib - 192.168.21.32:1888 baseurl=http://192.168.21.32:1888/centos/$releasever/contrib/$basearch/ gpgcheck=1 enabled=0 gpgkey=http://192.168.21.32:1888/centos/RPM-GPG-KEY-CentOS-7
zabbix.repo
1 2 3 4 5 6 7 8 9 10 11 12 13 14 cat zabbix.repo [zabbix] name=Zabbix Official Repository - $basearch baseurl=http://192.168.21.32:1888/zabbix/zabbix/4.2/rhel/7/$basearch/ enabled=1 gpgcheck=1 gpgkey=http://192.168.21.32:1888/zabbix/RPM-GPG-KEY-ZABBIX-A14FE591 [zabbix-non-supported] name=Zabbix Official Repository non-supported - $basearch baseurl=http://192.168.21.32:1888/zabbix/non-supported/rhel/7/$basearch/ enabled=1 gpgkey=http://192.168.21.32:1888/zabbix/RPM-GPG-KEY-ZABBIX gpgcheck=1
清除缓存
生成缓存
查看rpm
yum 测试