使用nginx反向代理openAI及Google Gemini的API

为了在国内方便使用OpenAI及Google Gemini的API,我们可以使用海外服务器代理OpenAI及Google的相关API。
服务器可使用便宜的AWS轻量服务器,每月3.5美元左右。
下面是整个Nginx的配置文件,修改SSL证书地址即可使用。以下Nginx配置,我已经稳定使用了半年多。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
user  root;
worker_processes auto;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    access_log /var/log/nginx/nginx-access.log;
    error_log /var/log/nginx/nginx-error.log;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    

    sendfile        on;

    keepalive_timeout  65;

    gzip on;
    gzip_static on;

    proxy_buffer_size 128k;
    proxy_buffers 32 128k;
    proxy_busy_buffers_size 128k;

    fastcgi_buffers 8 128k;
    send_timeout 60;

    server {
        listen       443 ssl;
        server_name  azure.ownding.xyz;
        ssl_certificate      /home/chatgpt/cert/azure.ownding.xyz_bundle.crt;
        ssl_certificate_key  /home/chatgpt/cert/azure.ownding.xyz.key;
        ssl_session_cache shared:le_nginx_SSL:1m;
        ssl_session_timeout 1440m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
        location / {
            if ($request_method = 'OPTIONS') {
                add_header Access-Control-Allow-Origin *;
                add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,PATCH,OPTIONS;
                add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Authorization';
                #支持put和delete请求
                return 200;
            }
            # # 设置是否允许 cookie 传输
            # add_header Access-Control-Allow-Credentials true;
            # # 允许请求地址跨域 * 做为通配符
            # add_header Access-Control-Allow-Origin *;
            # add_header Access-Control-Allow-Methods 'GET,POST,PUT,DELETE,PATCH,OPTIONS';
            # add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Authorization';
            proxy_pass  https://api.openai.com/;
            proxy_ssl_server_name on;
            proxy_set_header Host api.openai.com;
            proxy_set_header Connection '';
            proxy_http_version 1.1;
            chunked_transfer_encoding off;
            proxy_buffering off;
            proxy_cache off;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_redirect off;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }

    server {
        listen       8080 ssl;
        server_name  generativelanguage.googleapis.com;
        ssl_certificate      /home/chatgpt/cert/azure.ownding.xyz_bundle.crt;
        ssl_certificate_key  /home/chatgpt/cert/azure.ownding.xyz.key;
        ssl_session_cache shared:le_nginx_SSL:1m;
        ssl_session_timeout 1440m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:!MD5;
        
        proxy_http_version  1.1;
        proxy_set_header    Host generativelanguage.googleapis.com;
        proxy_set_header    X-Real-IP $remote_addr;
        proxy_set_header    X-Forwarded-For $proxy_add_x_forwarded_for;

        location / {
            proxy_pass https://generativelanguage.googleapis.com;
            proxy_ssl_server_name on;
        }
    }
}