堆栈内存溢出
  繁体   English   中英

如何在nginx中设置子域?

[英]How setup subdomain in nginx?

 原文  2020-11-18 17:41:57       node.js/ nginx/ subdomain/ nginx-config/ nginx-location

问题描述

我从一开始就尝试了几次,但仍然无法使用我的子域。 我有 ubuntu Nginx。 我想创建一个客户端和后端(子域)域。

客户端配置(正常工作):

server {
        root  /var/www/html/dist;

        # Add index.php to the list if you are using PHP
        index index.html;

        server_name hookahscope.com www.hookahscope.com;

        location ~ ^/(sitemap.xml) {
            root /var/www/html/public;
        }
        location / {
                try_files $uri /index.html;
        }
    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/hookahscope.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/hookahscope.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/hookahscope.com/chain.pem; # managed by Certbot
    ssl_stapling on; # managed by Certbot
    ssl_stapling_verify on; # managed by Certbot
}

server {
    if ($host = www.hookahscope.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = hookahscope.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;

    server_name hookahscope.com www.hookahscope.com;
    return 404; # managed by Certbot
}

更新:我的客户端(主域)配置有额外的配置,这是冲突

server {
    if ($host = www.hookahscope.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = hookahscope.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    server_name www.api.hookahscope.com api.hookahscope.com; # managed by Certb>
    return 404; # managed by Certbot

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/hookahscope.com/fullchain.pem; # mana>
    ssl_certificate_key /etc/letsencrypt/live/hookahscope.com/privkey.pem; # ma>
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/hookahscope.com/chain.pem; # >
    ssl_stapling on; # managed by Certbot
    ssl_stapling_verify on; # managed by Certbot

}



server {
    if ($host = www.api.hookahscope.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = api.hookahscope.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

        listen 80 ;
        listen [::]:80 ;
    server_name www.api.hookahscope.com api.hookahscope.com;
    return 404; # managed by Certbot
}

和后端配置:

server {
        listen 80;

        root  /var/www/backend;

        # Add index.php to the list if you are using PHP
        index index.html;

        server_name api.hookahscope.com;

location ~ ^/(sitemap.xml) {
    root /var/www/html/public;
}

        location / {
proxy_pass http://localhost:8081;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri /index.html;
        }

}

我在 pm2 上运行后端(服务器是带有 express 的 nodejs)所以,在本地我可以通过命令在 8081 端口上看到后端:

 curl http://localhost:8081/

Nginx 显示一些错误,但对我没有帮助:

 sudo nginx -t
nginx: [warn] conflicting server name "api.hookahscope.com" on 0.0.0.0:80, ignored

当然,如果去掉listen 80,错误就会消失; 从子域配置中,但我找不到我应该设置的内容而不是

UPDATED2我的子域配置:

server {
        server_name api.hookahscope.com;

#location ~ ^/(sitemap.xml) {
 #   root /var/www/html/public;
#}

        location / {
proxy_pass http://localhost:8081/;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        }
listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/hookahscope.com/fullchain.pem; # mana>
    ssl_certificate_key /etc/letsencrypt/live/hookahscope.com/privkey.pem; # ma>
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/hookahscope.com/chain.pem; # >
    ssl_stapling on; # managed by Certbot
    ssl_stapling_verify on; # managed by Certbot
}

1 个解决方案

解决方案1
 0 已采纳  2020-11-19 14:04:43

而不是检查的Host通过HTTP标头if ($host = hookahscope.com) { ... }我建议筛选定义两个请求server块作为建议由官方nginx的文件(阅读这个答案详细说明)。 有两个单独的 SSL server块,您不应该在listen指令ipv6only=on使用ipv6only=on标志(阅读线程了解详细信息)。 这是我推荐使用的配置:

server {
    # redirect HTTP to HTTPS for requests where the HTTP 'Host' header equal to one of our domains
    listen 80;
    listen [::]:80;
    server_name hookahscope.com www.hookahscope.com api.hookahscope.com;
    return 301 https://$http_host$request_uri;
}
server {
    # close the connection immediately for the rest of requests
    listen 80 default_server;
    listen [::]:80 default_server;
    return 444;
}
server {
    # frontend
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name hookahscope.com www.hookahscope.com;
    root /var/www/html/dist;

    # SSL configuration made by certbot
    ssl_certificate /etc/letsencrypt/live/hookahscope.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/hookahscope.com/privkey.pem; managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/hookahscope.com/chain.pem; managed by Certbot
    ssl_stapling on; # managed by Certbot
    ssl_stapling_verify on; # managed by Certbot

    location = /sitemap.xml {
        root /var/www/html/public;
    }
    location / {
        try_files $uri /index.html;
    }
}
server {
    # backend
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name api.hookahscope.com;

    # SSL configuration made by certbot
    ssl_certificate /etc/letsencrypt/live/hookahscope.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/hookahscope.com/privkey.pem; managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    ssl_trusted_certificate /etc/letsencrypt/live/hookahscope.com/chain.pem; managed by Certbot
    ssl_stapling on; # managed by Certbot
    ssl_stapling_verify on; # managed by Certbot

    location / {
        proxy_pass http://localhost:8081;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何设置nginx配置? 如何使用Nginx在子域上禁用域代理重定向? 如何使用Express和NGINX设置路由? 如何设置 nginx 与 docker 组合 使用nginx处理Express子域 NGINX子域301重定向 Heroku的子域设置 Nginx-如何基于子域从文件夹提供静态文件 Nginx和Node.js / Express中的子域别名 特定于子域​​的Nginx静态文件
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM