Nginx server name difference - nginx

If the server ip is 10.0.0.0, but I'm mapping it to make it to have www.example.com, is the below config the correct way to do it?
server {
listen 80;
server_name 10.0.0.0 example.com;
access_log /var/log/nginx/example.log;

No, if you want to restrict a server to a single interface address, it needs to go with the listen directive:
server {
listen 10.0.0.0:80;
server_name example.com;
access_log /var/log/nginx/example.log;
...
}

above answer, or you can just setup a basic server block
server {
listen 80;
listen [::]:80;
root /var/www/folderName/htdocs; // where you have your project folder and public directory
index index.html index.htm; // add index.php here if using php files
server_name test.com www.test.com; // desired url goes here
location / {
try_files $uri $uri/ =404;
}
}
the tutorials from digital ocean are pretty nice - https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-virtual-hosts-on-ubuntu-14-04-lts

Related

Is server tag additive?

As this block would work perfectly for health check:
server {
listen 80 default_server;
location /health-check {
access_log off;
return 200;
add_header Content-Type text/plain;
}
}
I am not sure if this would cause any issues on other server blocks that uses the same port, like for example:
server {
listen 80 my-domain.com;
...
...
}
would the above server block still working? or that server tag is not additive?
**you not user duplicate server name or ip/
diffent serve block same port can not run
you give server name in config block
**
server {
listen 80;
listen [::]:80;
root /var/www/example.com/html;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ =404;
}
}
you can genrate your nginx config using this tools https://www.digitalocean.com/community/tools/nginx

How to add new port number to nginx server?

I want to add new port number to nginx server or how to add new server block to nginx server.
Create a new file in the Nginx directory /etc/nginx/sites-enabled and add a new server block here (example shown below).
server {
# Change me to change my port number
listen 8080;
server_name example.com;
root /var/www/example.com;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
What you probably want is multiple "server" stanzas, each with a different port. You may want to read more into the documentation here.
Example:
server {
listen 80;
server_name example.org www.example.org;
root /var/www/port80/
}
server {
listen 81;
server_name *.example.org;
root /var/www/port81/
}
You can use the same server_name, serving the "different" content appropriately within each one. If you want to have the same server_name and root, but multiple ports, another solution would be this:
server {
listen 80;
listen 81;
server_name example.org;
root /var/www/;
}
Cheers!

Nginx TLS-SNI: Use hostname dependent SSL for HTTPS

I need to use two different ssl certs with nginx pointing to the same app.
https://domain1.com points to 1.1.1.1
https://domain2.com points to 1.1.1.1
.
.
.
.
https://domainN.com points to 1.1.1.1
Tried the following:
server {
listen 80;
server_name domain1.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name domain1.com;
root /app/dist;
index index.html;
ssl_certificate /etc/nginx/ssl/d1/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/d1/private.key;
location / {
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name domain2.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name domain2.com;
root /app/dist;
index index.html;
ssl_certificate /etc/nginx/ssl/d2/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/d2/private.key;
location / {
try_files $uri $uri/ /index.html;
}
}
This doesn't work, it just loads the first cert resulting in invalid cert when accessed using the second domain.
The domain certs can't be combined.
I can't spin two different instances for nginx as the case needs to help me out with n-Domains pointing to same IP preferably using one nginx server.
Is there a way out?
Thanks to Richard Smith for pointing out just the right stuff!
So, to setup nginx to use different cert-key pair for domains pointing to the same nginx we have to rely on TLS-SNI (Server Name Indication), where the domain name is sent un-encrypted text as a part of the handshake. This helps nginx to decide which cert-key pair to use for the incoming secure request.
More can be read about SNI here.
Moving on to the configuration.
server {
listen 80;
server_name domain1.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name domain1.com;
root /app/dist;
index index.html;
ssl_certificate /etc/nginx/ssl/d1/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/d1/private.key;
location / {
try_files $uri $uri/ /index.html;
}
}
server {
listen 80;
server_name domain2.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name domain2.com;
root /app/dist;
index index.html;
ssl_certificate /etc/nginx/ssl/d2/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/d2/private.key;
location / {
try_files $uri $uri/ /index.html;
}
}
The above config forwards HTTP (80) for both domain1 and domain2 to respective HTTPS (443) server blocks, where respective cert-key pairs are loaded.
The HTTPS (443) request is handled directly.
nginx decides which block to hit by picking the server name using SNI.

nginx : having issue with setting up multi domain on single ip(vps)

so my vps is running ubuntu 17.04 and i have configured my dns pointing to my vps on both domain #
here is my nginx folder structure
this is my server block code for w3saver.com
filepath: /etc/nginx/sites-available/w3saver.com
`server {
listen 80;
listen [::]:80;
server_name w3saver.com www.w3saver.com;
root /var/www/w3saver.com/html;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
} }`
and this server block is for w3youtube.com
filepath: /etc/nginx/sites-available/w3youtube.com
`server {
listen 80;
listen [::]:80;
server_name w3youtube.com;
root /var/www/w3youtube.com/html;
index index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ =404;
} }`
so my problem is when ever i go to "w3youtube.com" page i get redirect to "w3saver.com" page (both domains are serving same page) so what is wrong with that i can't able to figured it out!
ps: i am expecting both domain should serve dedicated static html pages. insted of single html on both domains
this is what i am getting right now.
result in domain1
also same result in domain2
thanks in advance.

Nginx subdomain configuration

I have nginx acting as a reverse proxy to apache. I now need to add a new subdomain
that will serve files from another directory, but at the same time I want all location and proxy_pass directives that I have for the default host to apply to the subdomain also.
I know that if I copy the rules from the default host to the new subdomain it will work, but is there a way for the subdomain to inherit the rules?
Below is a sample configuration
server {
listen 80;
server_name www.somesite.com;
access_log logs/access.log;
error_log logs/error.log error;
location /mvc {
proxy_pass http://localhost:8080/mvc;
}
location /assets {
alias /var/www/html/assets;
expires max;
}
... a lot more locations
}
server {
listen 80;
server_name subdomain.somesite.com;
location / {
root /var/www/some_dir;
index index.html index.htm;
}
}
Thanks
You could move the common parts to another configuration file and include from both server contexts. This should work:
server {
listen 80;
server_name server1.example;
...
include /etc/nginx/include.d/your-common-stuff.conf;
}
server {
listen 80;
server_name another-one.example;
...
include /etc/nginx/include.d/your-common-stuff.conf;
}
Edit: Here's an example that's actually copied from my running server. I configure my basic server settings in /etc/nginx/sites-enabled (normal stuff for nginx on Ubuntu/Debian). For example, my main server bunkus.org's configuration file is /etc/nginx/sites-enabled and it looks like this:
server {
listen 80 default_server;
listen [2a01:4f8:120:3105::101:1]:80 default_server;
include /etc/nginx/include.d/all-common;
include /etc/nginx/include.d/bunkus.org-common;
include /etc/nginx/include.d/bunkus.org-80;
}
server {
listen 443 default_server;
listen [2a01:4f8:120:3105::101:1]:443 default_server;
include /etc/nginx/include.d/all-common;
include /etc/nginx/include.d/ssl-common;
include /etc/nginx/include.d/bunkus.org-common;
include /etc/nginx/include.d/bunkus.org-443;
}
As an example here's the /etc/nginx/include.d/all-common file that's included from both server contexts:
index index.html index.htm index.php .dirindex.php;
try_files $uri $uri/ =404;
location ~ /\.ht {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location ~ /(README|ChangeLog)$ {
types { }
default_type text/plain;
}

Resources