Nginx
支持子域的 Nginx api 網關倉庫
我正在按照教程設置 API 代理,我正在同一個 VPS 上執行生產和開發伺服器應用程序
https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/
我通過 certbot 使用 SSL 管理我的域,
live.domain.com
並且dev.domain.com
我被困在“定義倉庫 API” 問題是解釋的路由是基於 URL 路徑位置的,它沒有解釋如何處理在它之上設置的子域。
我有設置:api_gateway
include api_backends.conf; include api_keys.conf; server { access_log /var/log/nginx/api_live.log main; # Each API may also log to a # separate file listen 443 ssl; server_name live.domain.com; # TLS config ssl_certificate /etc/letsencrypt/live/live.domain.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/live.domain.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_protocols TLSv1.2 TLSv1.3; # API definitions, one per file include api_conf.d/*.conf; # Error responses error_page 404 = @400; # Treat invalid paths as bad requests proxy_intercept_errors on; # Do not send backend errors to client include api_json_errors.conf; # API client-friendly JSON errors default_type application/json; # If no content-type, assume JSON } # *repeated for dev.domain.com*
api_backends
upstream live { zone live_service 64k; server 127.0.0.1:4000 } upstream dev { zone dev_service 64k; server 127.0.0.1:2000 }
我可以通過以下任何方式管理它:
location / { # Policy configuration here (authentication, rate limiting, logging...) # access_log /var/log/nginx/warehouse_api.log main; # URI routing # # if subdomain live location / { proxy_pass http://live; } # else if subdomain dev location / { proxy_pass http://dev; } return 404; # Catch-all }
也許我可以使用我找到的這個片段。
if ($host = live.domain.com) { return 301 https://$host$request_uri; } # managed by Certbot
這可能嗎?
if ($host = live.domain.com){ location /api { proxy_pass http://live/api; } # AND/OR location /docs/ { proxy_pass https://live$request_uri } }
您的配置中的一切幾乎都很好,除了您用這些包含和
location / {}
塊欺騙自己,並且不包括第二個虛擬主機配置部分。您只需將live.domain.com和dev.domain.com
location / {}
塊放在相應的server {}
塊中即可(其中一個包含proxy_pass http://live;
在實時塊中,依此類推)。此時不要使用
if () {}
積木,你不需要它。是的,你有點缺乏非 TLS
server {}
塊,但我猜這是另一個問題。