用于多个域的Nginx反向代理配置

Question

I have multiple accounts/domains on my server. I'm using cPanel with Apache 2.4 and wanted to use Nginx as a front reverse proxy. I changed Apache port, installed Nginx and it works fine but for one domain/account only. I want to use it for all my domains on the server, and any future accounts. I tried to enter $domain variable instead of a specific domain but realized later that nginx doesn't support variables. Same thing with the user directory. Here is my config file:

user  nobody;
worker_processes  4;
error_log  logs/error.log crit;

worker_rlimit_nofile  8192;

events {
worker_connections  1024; # you might need to increase this setting for busy servers
use epoll; #  Linux kernels 2.6.x change to epoll
}

http {
server_names_hash_max_size 2048;
server_names_hash_bucket_size 512;

server_tokens off;

include    mime.types;
default_type  application/octet-stream;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout  10;

# Gzip on
gzip on;
gzip_min_length  1100;
gzip_buffers  4 32k;
gzip_types    text/plain application/x-javascript text/xml text/css;

# Other configurations
ignore_invalid_headers on;
client_max_body_size    8m;
client_header_timeout  3m;
client_body_timeout 3m;
send_timeout     3m;
connection_pool_size  256;
client_header_buffer_size 4k;
large_client_header_buffers 4 32k;
request_pool_size  4k;
output_buffers   4 32k;
postpone_output  1460;

# Cache most accessed static files
open_file_cache          max=10000 inactive=10m;
open_file_cache_valid    2m;
open_file_cache_min_uses 1;
open_file_cache_errors   on;

# virtual hosts includes
include "/etc/nginx/conf.d/*.conf";

server {
  # this is your access logs location
  access_log /usr/local/apache/domlogs/accountusername/example.com;

  error_log  logs/vhost-error_log warn;
  listen    80;
  # change to your domain
  server_name  example.com www.example.com;

  location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ {
   # this is your public_html directory
   root   /home/accountusername/public_html;
}
location / {
   client_max_body_size    10m;
   client_body_buffer_size 128k;

   proxy_send_timeout   90;
   proxy_read_timeout   90;

   proxy_buffer_size    4k;
   proxy_buffers     16 32k;
   proxy_busy_buffers_size 64k;
   proxy_temp_file_write_size 64k;

   proxy_connect_timeout 30s;

   # change to your domain name
   proxy_redirect  http://www.example.com:8080   http://www.example.com;
   proxy_redirect  http://example.com:8080   http://example.com;

   proxy_pass   http://127.0.0.1:8080/;
   proxy_set_header   Host   $host;
   proxy_set_header   X-Real-IP  $remote_addr;
   proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}
}

What I'm trying to do is to place a code that works for all domains on the server and any future domains will be added. I see some forums and blogs explain to setup virtual hosts (Server blocks) but I'm not sure what they're used for. I'd appreciate it if anyone provide any info about this. Should I setup virtual hosts? What is needed to be changed in my configuration file? Thank you.

Answer 1

You config is almost correct

server {
   listen frontip:80 default_server;

   location / {
       proxy_pass http://127.0.0.1:8080;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
       proxy_redirect http://$host:8000/ http://$host/;
   }
}

But best way to you do not use 8080 port. All you need is tell to nginx to bind only external ip. Add ip and bind keyword to all your listen in each server .

server {
   listen frontip:80 default_server bind;

   location / {
       proxy_pass http://127.0.0.1;
       proxy_set_header Host $host;
       proxy_set_header X-Real-IP $remote_addr;
   }
}

If you missed nothing, nginx will not bind 127.0.0.1:80, so apache can bind it.

In this case you do not need any proxy_redirect directives because you don't need any redirect rewrites.

For root folder you can use variables but much better use map ;

http {
   ...
   map $host $root {
      hostnames;
      default /var/www;
      .domain1.com /home/user1/domain1.com;
      custom.domain1.com /home/user1/custom;
      domain2.com /home/user2/domain2.com;
      www.domain2.com /home/user2/domain2.com;
   }

    server {
       listen frontip:80 default_server;
       root $root;

       location / {
           proxy_pass http://127.0.0.1;
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
       }

       location ~* \.(gif|jpg|jpeg|png|wmv|avi|mpg|mpeg|mp4|htm|html|js|css)$ {
       }
    }
}

More about map http://nginx.org/en/docs/http/ngx_http_map_module.html

Answer 2

Your idea is a kind of fantastic. To operate in good and predictable\\debuggable way, you should create "server" block for every server you serve, and you should write it domain name into "proxy_redirect" directive accordingly.

To handle a lot of domains - get a list of them and write shell\\perl\\python script to generate your actual config. This script will be rather simple one.

And read the docs - to understand clearly what "server blocks" are for. Shortly, they are the core of nginx's performance magic.