Nginx

接收來自不同子域的流量,但作為單個域發送到後端

  • July 6, 2020

我在後端有一個 Nginx 作為伺服器和一個 rails 應用程序的伺服器。目前,rails 應用程序一次只能服務於一個域。但是,我將每小時使用此應用程序創建和銷毀伺服器。

所以,我想配置伺服器以響應任何子域。但是後端應用程序應該總是看到一個固定的域。

例如,如果我收到來自 等的請求sub1.A.comsub2.A.com後端應始終以 sub.A.com 的形式接收請求。

我也不想使用負載平衡器或反向代理或伺服器外部的東西。我不確定要搜尋這個特定案例的內容。部署的正常解決方案是什麼等…

我的nginx.conf文件:

server {
   server_name  domain.com;

    location ~ /\.well-known/acme-challenge/ {
       allow all;
       root /var/www/letsencrypt;
       try_files $uri =404;
       break;
    }


    access_log  /var/log/nginx/bigbluebutton.access.log;

    # Handle RTMPT (RTMP Tunneling).  Forwards requests
    # to Red5 on port 5080

    location ~ (/open/|/close/|/idle/|/send/|/fcs/) {
         proxy_pass         http://127.0.0.1:5080;
         proxy_redirect     off;
         proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;

         client_max_body_size       10m;
         client_body_buffer_size    128k;

         proxy_connect_timeout      90;
         proxy_send_timeout         90;
         proxy_read_timeout         90;

         proxy_buffering            off;
         keepalive_requests         1000000000;
     }

    # Handle desktop sharing tunneling.  Forwards
    # requests to Red5 on port 5080.
      location /deskshare {
          proxy_pass         http://127.0.0.1:5080;
          proxy_redirect     default;
          proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
          client_max_body_size       10m;
          client_body_buffer_size    128k;
          proxy_connect_timeout      90;
          proxy_send_timeout         90;
          proxy_read_timeout         90;
          proxy_buffer_size          4k;
          proxy_buffers              4 32k;
          proxy_busy_buffers_size    64k;
          proxy_temp_file_write_size 64k;
          include    fastcgi_params;
      }

   # BigBlueButton landing page.
   # changed for making greelight primary
       location /old {
         root   /var/www/bigbluebutton-default;
         index  index.html index.htm;
     expires 1m;
       }

   # Make greelight primary
       location = / {
       return 307 /b;
       }

   # Include specific rules for record and playback
       include /etc/bigbluebutton/nginx/*.nginx;

       #error_page  404  /404.html;

       # Redirect server error pages to the static page /50x.html
       #
       error_page   500 502 503 504  /50x.html;
       location = /50x.html {
               root   /var/www/nginx-default;
       }

   listen [::]:443 ssl ipv6only=on; # managed by Certbot
   listen 443 ssl; # managed by Certbot
   ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
   ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
   include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
   if ($host =  domain.com) {
       return 301 https://$host$request_uri;
   } # managed by Certbot


    listen   80;
    listen [::]:80;
    server_name  domain.com;
   return 404; # managed by Certbot


}

Certbot 的這種自動配置不太適合您的需求。將 HTTP 到 HTTPS 重定向塊更改為這個:

server {
   listen   80;
   listen   [::]:80;
   server   .domain.com;
   return   301 https://$http_host$request_uri;
}

對 HTTPS 塊進行以下更改:

  • 使用server .domain.com;代替server domain.com;(這種特殊形式匹配domain.com域及其任何子域);
  • proxy_set_header Host "sub.domain.com";指令添加到使用指令的位置塊proxy_pass(假設這sub.domain.com是您希望後端應用程序看到的域)。

引用自:https://serverfault.com/questions/1024061