Nginx反代Ollama接口跨域无法逐字输出问题详解_Redis

场景

本地部署deepseek模型，用的ollama管理，内网穿透到公网，在通过nginx反代ollama接口。

问题描述

跨域问题

nginx转发时请求头中需要加入origin，并且origin还要和ollama接口同源（协议、ip、端口一致）。

proxy_set_header origin http://ip:11434;

无法逐字输出

关键配置：禁用缓冲和缓存

proxy_buffering off;
proxy_cache off;

确保流式传输的实时性

proxy_set_header connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;

完整配置

server {
        listen 80;
        server_name 域名;
        return 301 https://$server_name$request_uri;
}
server {
        listen 443 ssl;
        server_name 域名;
        
		#ssl证书配置
        ssl_certificate      /opt/nginx/conf/ssl/xxx/fullchain.pem;
        ssl_certificate_key  /opt/nginx/conf/ssl/xxx/key.pem;
        ssl_session_cache    shared:ssl:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  high:!anull:!md5;
        ssl_prefer_server_ciphers  on;
        
 	# 反代到 ollama api
    location /api/ {
    	# ollama 默认端口是 11434
        proxy_pass  http://服务器ip:11434;  
        # 请求时的origin请求头
        proxy_set_header origin http://服务器ip:11434;
        
        # 关闭 nginx 的响应缓冲，强制数据实时传输到客户端
        proxy_buffering off;
        # 使用 http/1.1 以支持长连接，避免 http/1.0 的短连接问题
        proxy_cache off;
        # 确保流式传输的实时性
        proxy_set_header connection '';
        proxy_http_version 1.1;
        # 关闭 nginx 的分块编码处理（根据实际情况调整）
        chunked_transfer_encoding off;

        proxy_set_header x-real-ip $remote_addr;
        proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
        proxy_set_header x-forwarded-proto $scheme;

        # 添加 cors 头部
        add_header 'access-control-allow-origin' '*' always;
        add_header 'access-control-allow-methods' 'get, post, options' always;
        add_header 'access-control-allow-headers' 'dnt,user-agent,x-requested-with,if-modified-since,cache-control,content-type,range,authorization' always;
        add_header 'access-control-expose-headers' 'content-length,content-range' always;

        # 处理预检请求 (options)
        if ($request_method = 'options') {
            add_header 'access-control-allow-origin' '*';
            add_header 'access-control-allow-methods' 'get, post, options';
            add_header 'access-control-allow-headers' 'dnt,user-agent,x-requested-with,if-modified-since,cache-control,content-type,range,authorization';
            add_header 'access-control-max-age' 1728000;
            add_header 'content-type' 'text/plain; charset=utf-8';
            add_header 'content-length' 0;
            return 204;
        }
    }
}