multiple Domains without repeat config - nginx

How can I serve multiple domains with the same configuration, without copying the server{} rule configuration for every domain?
example.com
example.org
example.de
example.ro
Nginx Config:
upstream example_live {
server 127.0.0.1:8300;
}
server {
listen 80;
server_name example.com example.org example.de example.ro;
access_log /var/log/nginx/example.access.log;
error_log /var/log/nginx/example.error.log;
location / {
proxy_pass http://example_live/VirtualHostBase/http/example.??:80/example/VirtualHostRoot/;
include /etc/nginx/ps.cfg/proxy.conf;
}
include /etc/nginx/cfg/base.conf;
}

in the same server section and using server_name directive to support multiple domains. And seems you already give the answer above.

This works for me, thank you for your Comment
server_name a.com www.a.com
b.org www.b.org
c.net www.c.net;
access_log /var/log/nginx/a.com.access.log;
error_log /var/log/nginx/a.com.error.log;
location / {
rewrite ^(.*)$ /VirtualHostBase/http/$http_host:80/a/VirtualHostRoot$1 break;
proxy_pass http://127.0.0.1:8080;
}

Related

Allow nginx access only from IP address

I have a domain, e.g. www.domain.com which is registered on IP XXX.XXX.XXX.XXX, where my site is running on port 80.
I was wondering if there is a way, to block user access www.domain.com , forcing users to use only the IP address to enter the site.
Is it possible to set something like this using nginx?
Anyway, I am using Ubuntu as server, and any configurations on OS to solve this will be appreciated too.
Thank you so much.
Update:
Thanks to #mettalic the configuration now looks like this configuration looks like this:
server {
listen 80;
server_name _;
return 403;
}
server {
listen 80;
server_name XXXX;
add_header 'Access-Control-Allow-Origin' "http://XXX";
add_header x-frame-options "DENY" always;
location /api {
proxy_pass http://localhost:5000;
}
location / {
add_header 'Access-Control-Allow-Origin' "http://XXXX";
root /usr/share/nginx/html/dist;
index index.html;
try_files $uri $uri/ /index.html;
}
}
It is fully working.
If you have only one host on this server on port 80. You can create nginx configuration file without server name. Just listen XXX.XXX.XXX.XXX:80;.
UPD:
You could try add server which will be return error to all users who will try reach your site by domain:
server {
listen 80;
server_name _;
return 403;
}
or redirect them to ip:
server {
listen 80;
server_name _;
return 301 http://XXX.XXX.XXX.XXX;
}
Set server_name 192.168.19.24; in your host's config block.
On Ubuntu, the default virtual host is in /etc/nginx/sites-available/default, but that may be different on other distributions.

Nginx reverse proxy doesn't work as expected

I have two domains on different nginx(1.15.0) servers (server1 example.com and server2 example.net). I've tried to set up server2 as a reverse proxy with ngx_http_substitutions_filter_module but it doesn't work as expected.
Due to my config, subs_filter directive should replace example.com to example.net but when I type example.net in browser it redirects me to example.com.
nginx.conf
http {
//other settings
.....
include /etc/nginx/sites-enabled/*;
upstream example.com {
server example.com;
}
}
example.net.conf
server {
listen 80;
server_name example.net www.example.net;
rewrite ^/(.*)$ https://example.net/$1 permanent;
}
server {
listen 443 ssl;
server_name example.net;
ssl_certificate /etc/letsencrypt/live/example.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.net/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
root html;
try_files $uri #example.com;
}
location #example.com {
include replace.conf;
proxy_pass http://example.com;
proxy_cookie_domain example.com example.net;
proxy_set_header Accept-Encoding "";
proxy_set_header Host example.com;
proxy_redirect http://example.com http://example.net;
}
}
replace.conf
# replace direct links
subs_filter "www.example.com" "example.net" gi;
subs_filter "example.com" "example.net" gi;
Seems like nginx ignores subs_filter directive.
Could someone explain me how can I replace uri properly using ngx_http_substitutions_filter_module? Thank you for advice!
Problem solved.
First of all I removed upstream from nginx.conf:
upstream example.com {
server example.com;
}
Then I changed following lines in example.net.conf:
location / {
...
try_files $uri #static;
}
location #static {
...
proxy_pass https://example.com;
...
...
...
proxy_redirect https://example.com https://example.net;
}
All works fine except login form. Firefox works correctly but Chrome returns error 422. I suppose this is because the login form works on javascript.
Anyway thanks to all!

How can i pass subdomain as proxy_pass value in nginx?

i am currently in situation where i need to get/catch sub-domain and pass that sub-domain value to proxy_pass in Nginx config.
e.g.
if user enters
http://google.com.mydomain.com
then it should do proxy pass as
proxy_pass http://www.google.com/;
in above example google.com is sub-domain
can this be doable ?
How can i achieve something like that in nginx ?
currently i am using configuration where sub-domain values are hard-coded in config files , but there are many sub-domains , so i need to do it like this way, but don't know correct syntax.
server {
listen 80;
server_name subdomain.domain.com;
charset utf-8;
location / {
proxy_pass http://www.subdomain/;
}
}
I am using * as A record to redirect all sub-domains to my web-host, i.e. wildcard DNS.
update:
i have found code snippet from https://stackoverflow.com/a/22774520/1642018
server {
listen 80;
# this matches every subdomain of domain.
server_name .domain.com;
location / {
set $subdomain "";
if ($host ~* "^(.+)\.domain.com$") {
set $subdomain $1;
}
proxy_pass http://$subdomain;
}
}
but the request is showing my default page which is in my default web root.
Two things.
1- A resolver (a dns server for your nginx in order to resolve google.com, you may add at your hosts or you are able to add resolver statement)
2- You will need to resolve how your client will deals with different domains, I mean google.com is different than google.com.ar or google.fr)
At this example I made work it for your example google.com
worker_processes 4;
error_log /var/log/nginx/error.log;
events {
worker_connections 1024;
}
http {
server {
listen 80;
location / {
set $subdomain "";
if ($host ~* "^(.+)\.domain.com$") {
set $subdomain $1;
}
resolver 8.8.8.8;
proxy_pass "http://$subdomain.com";
}
}
}
I hope that this configuration helps to you.
I would capture the subdomain using a map then proxy pass if the variable is defined:
map $host $subdomain {
~^(?<sub>.+)\.[^\.]+\.[^\.]+$ $sub;
}
server {
listen 80 default_server;
server_name _;
location / {
if ($subdomain) {
proxy_pass http://$subdomain;
}
}
}

Nginx URL masking to a different domain

There's a few similar questions on SO, but none exactly mine, and I've had no luck trying to adapt their answers so far.
I want to map the URL http://sub.example.com to https://123.12.12.12/path, such that the browser still shows the URL http://sub.example.com.
My Nginx config file looks like,
server {
listen 80;
server_name sub.example.com;
location / {
proxy_pass https://123.12.12.12;
rewrite ^/$ /path last;
}
}
The routing works here, but the URL displayed is http://sub.example.com/path. How do I make it display only http://sub.example.com?
server {
listen 80;
server_name sub.example.com;
location / {
proxy_pass https://123.12.12.12/path;
}
}
Thats how it works. If proxy_pass contains locations part - current location will be replaced to specified. http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass
But it's help only for http request and http redirects. If application create html with links https://123.12.12.12 - it's still unchanged. In this case you can try ngx_http_sub_module.
I did like this:
server {
listen 80;
listen [::]:80;
listen 443 http2 ssl;
listen [::]:443 http2 ssl;
server_name domain1;
if ($request_method ~* OPTIONS|GET|HEAD) {
return 301 https://domain2$request_uri;
}
location ~* api {
proxy_pass https://domain2$request_uri;
}
}
Because post-requests will cause a 405 error when redirecting.

Nginx subdomain configuration

I have nginx acting as a reverse proxy to apache. I now need to add a new subdomain
that will serve files from another directory, but at the same time I want all location and proxy_pass directives that I have for the default host to apply to the subdomain also.
I know that if I copy the rules from the default host to the new subdomain it will work, but is there a way for the subdomain to inherit the rules?
Below is a sample configuration
server {
listen 80;
server_name www.somesite.com;
access_log logs/access.log;
error_log logs/error.log error;
location /mvc {
proxy_pass http://localhost:8080/mvc;
}
location /assets {
alias /var/www/html/assets;
expires max;
}
... a lot more locations
}
server {
listen 80;
server_name subdomain.somesite.com;
location / {
root /var/www/some_dir;
index index.html index.htm;
}
}
Thanks
You could move the common parts to another configuration file and include from both server contexts. This should work:
server {
listen 80;
server_name server1.example;
...
include /etc/nginx/include.d/your-common-stuff.conf;
}
server {
listen 80;
server_name another-one.example;
...
include /etc/nginx/include.d/your-common-stuff.conf;
}
Edit: Here's an example that's actually copied from my running server. I configure my basic server settings in /etc/nginx/sites-enabled (normal stuff for nginx on Ubuntu/Debian). For example, my main server bunkus.org's configuration file is /etc/nginx/sites-enabled and it looks like this:
server {
listen 80 default_server;
listen [2a01:4f8:120:3105::101:1]:80 default_server;
include /etc/nginx/include.d/all-common;
include /etc/nginx/include.d/bunkus.org-common;
include /etc/nginx/include.d/bunkus.org-80;
}
server {
listen 443 default_server;
listen [2a01:4f8:120:3105::101:1]:443 default_server;
include /etc/nginx/include.d/all-common;
include /etc/nginx/include.d/ssl-common;
include /etc/nginx/include.d/bunkus.org-common;
include /etc/nginx/include.d/bunkus.org-443;
}
As an example here's the /etc/nginx/include.d/all-common file that's included from both server contexts:
index index.html index.htm index.php .dirindex.php;
try_files $uri $uri/ =404;
location ~ /\.ht {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location ~ /(README|ChangeLog)$ {
types { }
default_type text/plain;
}

Resources