How to add new port number to nginx server? - nginx

I want to add new port number to nginx server or how to add new server block to nginx server.

Create a new file in the Nginx directory /etc/nginx/sites-enabled and add a new server block here (example shown below).
server {
# Change me to change my port number
listen 8080;
server_name example.com;
root /var/www/example.com;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}

What you probably want is multiple "server" stanzas, each with a different port. You may want to read more into the documentation here.
Example:
server {
listen 80;
server_name example.org www.example.org;
root /var/www/port80/
}
server {
listen 81;
server_name *.example.org;
root /var/www/port81/
}
You can use the same server_name, serving the "different" content appropriately within each one. If you want to have the same server_name and root, but multiple ports, another solution would be this:
server {
listen 80;
listen 81;
server_name example.org;
root /var/www/;
}
Cheers!

Related

why nginx server listen on explicit ip-port cover server listen on only port

For example, I have a server with 2 network interface, one for public ip and one for private ip. And write 2 nginx configuration file:
cat /etc/nginx/sites-enabled/siteA.sample.edu.cn
server {
listen 80;
server_name siteA.sample.edu.cn;
...
location / {
root /var/lib/www/siteA.sample.edu.cn;
index index.html index.htm index.php;
}
}
cat /etc/nginx/sites-enabled/siteB.sample.edu.cn
server {
listen 80;
server_name siteB.sample.edu.cn;
...
location / {
root /var/lib/www/siteB.sample.edu.cn;
index index.html index.htm index.php;
}
}
As long as they both listen on 80 without ip restriction, they can work together well. Setting local dns for siteA and siteB with the same ip 172.16.0.1, I can visit different site with those url.
But when setting explict listen ip to one site:
cat /etc/nginx/sites-enabled/siteA.sample.edu.cn
server {
listen 172.16.0.1:80;
server_name siteA.sample.edu.cn;
...
}
}
cat /etc/nginx/sites-enabled/siteB.sample.edu.cn
server {
listen 80;
server_name siteB.sample.edu.cn;
...
}
}
Then I cannot visit siteB.sample.edu.cn anymore. Using url http://siteB.sample.edu.cn will finally reach the siteA.sample.edu.cn.
So how to stop such strange redirection? It seems that server with explicit listen ip has higher priority?
This behaviour is documented here.
You could try using two listen directives in site B's server block.
For example:
server {
listen 172.16.0.1:80;
listen 80;
...
}
Or:
server {
listen 172.16.0.1:80;
listen <otherIP>:80;
...
}

Is server tag additive?

As this block would work perfectly for health check:
server {
listen 80 default_server;
location /health-check {
access_log off;
return 200;
add_header Content-Type text/plain;
}
}
I am not sure if this would cause any issues on other server blocks that uses the same port, like for example:
server {
listen 80 my-domain.com;
...
...
}
would the above server block still working? or that server tag is not additive?
**you not user duplicate server name or ip/
diffent serve block same port can not run
you give server name in config block
**
server {
listen 80;
listen [::]:80;
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ =404;
}
}
you can genrate your nginx config using this tools https://www.digitalocean.com/community/tools/nginx

Nginx TLS-SNI: Use hostname dependent SSL for HTTPS

I need to use two different ssl certs with nginx pointing to the same app.
https://domain1.com points to 1.1.1.1
https://domain2.com points to 1.1.1.1
.
.
.
.
https://domainN.com points to 1.1.1.1
Tried the following:
server {
listen 80;
server_name domain1.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name domain1.com;
root /app/dist;
index index.html;
ssl_certificate /etc/nginx/ssl/d1/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/d1/private.key;
location / {
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name domain2.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name domain2.com;
root /app/dist;
index index.html;
ssl_certificate /etc/nginx/ssl/d2/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/d2/private.key;
location / {
try_files $uri $uri/ /index.html;
}
}
This doesn't work, it just loads the first cert resulting in invalid cert when accessed using the second domain.
The domain certs can't be combined.
I can't spin two different instances for nginx as the case needs to help me out with n-Domains pointing to same IP preferably using one nginx server.
Is there a way out?
Thanks to Richard Smith for pointing out just the right stuff!
So, to setup nginx to use different cert-key pair for domains pointing to the same nginx we have to rely on TLS-SNI (Server Name Indication), where the domain name is sent un-encrypted text as a part of the handshake. This helps nginx to decide which cert-key pair to use for the incoming secure request.
More can be read about SNI here.
Moving on to the configuration.
server {
listen 80;
server_name domain1.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name domain1.com;
root /app/dist;
index index.html;
ssl_certificate /etc/nginx/ssl/d1/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/d1/private.key;
location / {
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name domain2.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name domain2.com;
root /app/dist;
index index.html;
ssl_certificate /etc/nginx/ssl/d2/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/d2/private.key;
location / {
try_files $uri $uri/ /index.html;
}
}
The above config forwards HTTP (80) for both domain1 and domain2 to respective HTTPS (443) server blocks, where respective cert-key pairs are loaded.
The HTTPS (443) request is handled directly.
nginx decides which block to hit by picking the server name using SNI.

nginx host default for IP

I have the following default configuration file in nginx:
server {
listen 80;
root /home/d/www;
index index.php index.html index.htm;
server_name localhost;
Recently I added a file to host a specific domain, like:
server {
listen 80;
root /home/d/sites/dom
index index.html index.htm;
server_name dom.co www.dom.co;
After adding this, when loading the public server IP would be routed to this domain configuration folder, /home/d/sites/dom
How can the IP be directed to the default root?
There's listen 80 default; for requests without Host header (if none set - the first one is used)
For requests with unrecognized host - special server_name _; matches
To add to Vasfed's answer, my block are:
/etc/nginx/sites-available/yourdomain
server {
listen 80;
root /www/sites/**yourdomain**;
index index.html index.htm;
server_name **yourdomain**.com www.**yourdomain**.com;
}
/etc/nginx/sites-available/default
server {
listen 80 default_server;
root /www;
index index.php index.html index.htm;
server_name _;
}
These two files need to by sym-linked to sites-enabled.

Nginx server name difference

If the server ip is 10.0.0.0, but I'm mapping it to make it to have www.example.com, is the below config the correct way to do it?
server {
listen 80;
server_name 10.0.0.0 example.com;
access_log /var/log/nginx/example.log;
No, if you want to restrict a server to a single interface address, it needs to go with the listen directive:
server {
listen 10.0.0.0:80;
server_name example.com;
access_log /var/log/nginx/example.log;
...
}
above answer, or you can just setup a basic server block
server {
listen 80;
listen [::]:80;
root /var/www/folderName/htdocs; // where you have your project folder and public directory
index index.html index.htm; // add index.php here if using php files
server_name test.com www.test.com; // desired url goes here
location / {
try_files $uri $uri/ =404;
}
}
the tutorials from digital ocean are pretty nice - https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-virtual-hosts-on-ubuntu-14-04-lts

Resources