Nginx

支持子域的 Nginx api 網關倉庫

  • February 14, 2022

我正在按照教程設置 API 代理,我正在同一個 VPS 上執行生產和開發伺服器應用程序

https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/

我通過 certbot 使用 SSL 管理我的域,live.domain.com並且dev.domain.com

我被困在“定義倉庫 API” 問題是解釋的路由是基於 URL 路徑位置的,它沒有解釋如何處理在它之上設置的子域。

我有設置:api_gateway

include api_backends.conf;
include api_keys.conf;

server {
   access_log /var/log/nginx/api_live.log main; # Each API may also log to a 
                                                  # separate file

   listen 443 ssl;
   server_name live.domain.com;

   # TLS config
   ssl_certificate      /etc/letsencrypt/live/live.domain.com/fullchain.pem; # managed by Certbot
   ssl_certificate_key  /etc/letsencrypt/live/live.domain.com/privkey.pem; # managed by Certbot
   include              /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
   ssl_dhparam          /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
   ssl_session_cache    shared:SSL:10m;
   ssl_session_timeout  5m;
   ssl_ciphers          HIGH:!aNULL:!MD5;
   ssl_protocols        TLSv1.2 TLSv1.3;

   # API definitions, one per file
   include api_conf.d/*.conf;

   # Error responses
   error_page 404 = @400;         # Treat invalid paths as bad requests
   proxy_intercept_errors on;     # Do not send backend errors to client
   include api_json_errors.conf;  # API client-friendly JSON errors
   default_type application/json; # If no content-type, assume JSON
}
# *repeated for dev.domain.com*

api_backends

upstream live {
zone live_service 64k;
server 127.0.0.1:4000
}
upstream dev {
zone dev_service 64k;
server 127.0.0.1:2000
}

我可以通過以下任何方式管理它:

location / {
   # Policy configuration here (authentication, rate limiting, logging...)
   #
   access_log /var/log/nginx/warehouse_api.log main;

   # URI routing
   #
# if subdomain live
   location / {
       proxy_pass http://live;
   }
# else if subdomain dev
   location / {
       proxy_pass http://dev;
   }

   return 404; # Catch-all
}

也許我可以使用我找到的這個片段。

   if ($host = live.domain.com) {
       return 301 https://$host$request_uri;
   } # managed by Certbot

這可能嗎?

   if ($host = live.domain.com){
       location /api {
               proxy_pass http://live/api;
       }
# AND/OR
       location /docs/ {
               proxy_pass https://live$request_uri
       }
   }

您的配置中的一切幾乎都很好,除了您用這些包含和location / {}塊欺騙自己,並且不包括第二個虛擬主機配置部分。

您只需將live.domain.comdev.domain.com location / {} 塊放在相應的server {}塊中即可(其中一個包含proxy_pass http://live;在實時塊中,依此類推)。

此時不要使用if () {}積木,你不需要它。

是的,你有點缺乏非 TLSserver {}塊,但我猜這是另一個問題。

引用自:https://serverfault.com/questions/1093562