configure subdomain nginx with unicorn - nginx

I am using nginx + unicorn in linode.
This is my nginx.conf
upstream unicorn {
server unix:/tmp/unicorn.mydomain.sock fail_timeout=0;
}
server {
listen 80 default;
server_name mydomain.com;
keepalive_timeout 5;
root /home/hyperrjas/mydomain.com/current/public;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# this is required for HTTPS:
# proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
location ~ ^/(assets)/ {
root /home/hyperrjas/mydomain.com/current/public;
gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
error_page 500 502 503 504 /500.html;
}
I want to add 4 subdomains:
imagescdn1.mydomain.com
imagescdn2.mydomain.com
imagescdn3.mydomain.com
imagescdn4.mydomain.com
How can I do it?

You should use regex for server_name directive, i.e. something like this:
server {
server_name mydomain.com ~^imagescdn\d+\.mydomain\.com$;
}
Refer to original documentation here and here for more information.

Related

Nginx - location block misconfigured?

I have a location block inside of my sites-enabled example.conf that should be routing /testing to a 503 error html page but instead for some reason its hitting my app instead of nginx
[2020-06-30T20:36:13.821768 #6059] FATAL -- : [fc9cb972-f314-4a87-89d9-8334521767b3] ActionController::RoutingError (No route matches [GET] "/testing"):
that is a log line from my actual rails app - why is it even getting this far vs nginx routing to where I thought I told it to???
my nginx .conf
server { listen 443 ssl;
server_name status.* www.status.*;
# SSL
ssl_certificate_key /etc/nginx/ssl/server_example.com.key;
# logging
access_log /var/log/nginx/status.access.log;
error_log /var/log/nginx/status.error.log;
# security
include security.conf;
# reverse proxy
location / {
if (-f /opt/staytus/staytus/maint.on) {
return 503;
}
port_in_redirect off;
proxy_pass http://example.com:8787/;
}
error_page 503 #maintenance;
location #maintenance {
root /usr/share/nginx/html
rewrite ^(.*)$ /Performing-Maintenace.html;
}
location = /testing/ {
return 500;
}
}
server {
listen 80;
server_name www.status.* status.* 11.22.123.456;
root /opt/staytus/staytus/public;
client_max_body_size 50M;
# SSL
ssl_certificate_key /etc/nginx/ssl/example.com.key;
port_in_redirect off;
return 301 https://example.com$request_uri;
location #puma {
proxy_intercept_errors on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://example.com:8787;
}
}

Multiple nginx subdomains leads to a single jetty instance

I have added multiple subdomains on nginx and now I would like to proxy pass all subdomains to a single jetty instance.
Let´s say
subdomain1.blog.com -> localhost:8080/subdomain1
jenkins.blog.com -> localhost:8080/jenkins
I tested a lot of examples and in the end I struggled with the url.
If I open http://jenkins.blog.com I will redirect to https://jenkins.blog.com/jenkins/login?from=%2Fjenkins%2F
How can I get rid of this /jenkins/ in my url?
Is it possible to achieve it without using multiple jetty instances and deploying apps on webroot?
upstream jetty {
server 127.0.0.1:8080 fail_timeout=0;
}
server {
listen 80;
server_name jenkins.blog.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name jenkins.blog.com;
ssl_certificate /etc/letsencrypt/live/blog.com-0002/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/blog.com-0002/privkey.pem;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location /jenkins {
rewrite ^/jenkins(/.*)$ $1 last;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the "It appears that your reverse proxy set up is broken" error.
proxy_pass http://jetty/jenkins/;
proxy_read_timeout 90;
#proxy_redirect http://localhost:8080/jenkins https://jenkins.blog.com;
#proxy_redirect http:// https://;
proxy_redirect off;
proxy_buffering off;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
# workaround for https://issues.jenkins-ci.org/browse/JENKINS-45651
add_header 'X-SSH-Endpoint' 'jenkins.blog.com:50022' always;
}
}
}

Nginx Reverse proxy with no DNS for multiple websites

I have two websites on a single ubuntu 16 server and I want to make them accessible by network using nginx reverse proxy and gunicorn (Gunicorn internally serves websites on 127.0.0.1:8000 and 127.0.0.1:8001).
Both Websites will never have DNS pointing to my server and both must be running under port 80. So question is, how can I set reverse proxy for these sites? I am in situation where I cant catch hostname or different port in order to user to enter specific site.
My first_website.conf:
upstream first_website {
server unix:/var/www/first_website/first_website_env/run/gunicorn.sock
fail_timeout=0;
}
server {
listen 80;
# normally I would use different host name
# to check, which site user wants to retrieve.
server_name 123.12.34.789;
client_max_body_size 4G;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
proxy_pass http://127.0.0.1:8001;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://127.0.0.1:8001;
break;
}
}
}
an option would be to place the servers on different url locations for example:
upstream first_website {
server unix:/var/www/first_website/first_website_env/run/gunicorn.sock
fail_timeout=0;
}
server {
listen 80;
server_name 123.12.34.789;
client_max_body_size 4G;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location /server1/ {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://127.0.0.1:8000;
break;
}
}
location /server2/ {
proxy_pass http://127.0.0.1:8001;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://127.0.0.1:8001;
break;
}
}
}
I believe that does the trick for you.

Rails 3.2 Nginx Unicorn Basic Authentification

I am trying to get Basic Authentification to work with Rails 3.2 nginx and Unicorn
The configuration works for hosting my site. I used the Rails Basic Authentification in the Controller but i have to many problems while testing. The .htpasswd file is also working i could restrict the access to a static site.
In the location config i tried
location /
location /home/deployer/apps/rails/current/public
location /home/deployer/apps/rails/current/
Any ideas?
This is my config:
upstream unicorn {
server unix:/tmp/unicorn.blog.sock fail_timeout=0;
}
server {
listen 80 default deferred;
server_name railsserver;
root /home/deployer/apps/rails/current/public;
location / {
auth_basic "Restricted";
auth_basic_user_file /var/www/prototyp/.htpasswd;
}
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri #unicorn;
location #unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
I tried it with this config now but it does not work
server {
listen 80 default deferred;
server_name rails.com;
root /home/deployer/apps/rails/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri /;
location / {
auth_basic "Restricted";
auth_basic_user_file /var/www/prototyp/.htpasswd;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
Do it like this to get it to work:
location / {
auth_basic "Restricted";
auth_basic_user_file /var/www/prototyp/.htpasswd;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
You don't need the #unicorn location

nginx try_files from proxy'd app, then nginx

I'm attempting to have nginx reverse proxy static files from an application if the application is serving them, else serve them itself. Currently, I have this configuration:
upstream app_server {
server unix:/tmp/gunicorn.sock fail_timeout=0;
}
server {
listen 8080;
server_name example.com;
access_log /var/log/nginx.access.log;
error_log /var/log/nginx.error.log;
keepalive_timeout 5;
location /static {
try_files $uri #proxy_to_app;
alias /path/to/__static;
sendfile off;
}
location / {
try_files $uri #proxy_to_app;
}
location #proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
}
}
This works if the files don't exist in /path/to/__static; it sends the request to the application server. However, if the files also exist in /path/to/__static, nginx serves the files itself.
Reversing the try_files line (try_files #proxy_to_app $uri) fails in both cases. If the client requests /static/css/test.css, the application receives a request for /css/test.css, and it never seems to try /path/to/__static even though the application returns a 404.
Updated to include full configuration.
location /static/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://app_server;
proxy_intercept_errors on;
error_page 404 =200 /local$uri;
}
location /local/static/ {
internal;
alias /path/to/__static/;
}

Resources