Answer the question
In order to leave comments, you need to log in
S
S
S10LI2020-02-12 10:58:54
S10LI, 2020-02-12 10:58:54
How to use multiple domains for multiple servers on the same IP?
Given:
Domains:
site1.com
site2.com
External IP (for example): 11.22.33.44
Router: Mikrotik.
Local network (for example): 10.0.0.0/24
Server 1. Used for 1C web hosting (Apache web server)
IP (for example): 10.0.0.1
Listens to port 80, will listen to 443
Server 2. HTTP is spinning on it File Server
IP (for example): 10.0.0.2
Listening on port 80, will listen on 443
Server 3. For future task
IP (for example): 10.0.0.3
Will listen on 80, 443
All servers on OS Windows.
How implemented now:
Web-proxy on port 8080 is enabled on the router Allowing
rules for
site1.com
site2.com
and denying all other requests are configured
A NAT rule is configured that redirects requests from port 80 to the internal web-proxy (8080)
Static DNS records are created for servers:
site1. com -> 10.0.0.1
site2.com -> 10.0.0.2
Accordingly, when someone accesses from the Internet using the site1.com domain, they get to Server1 and via the site2.com domain, they get to Server2.
Why does the current implementation option not suit me?
1) Mikrotik allows you to redirect only http traffic, but I want to secure the connection using the https protocol (accordingly, obtain / generate certificates) through, for example, stunnel
2) Using the built-in web proxy creates an additional load on the network device
Task:
Configure Server 3 to listen on ports 80 and 443 and, depending on the domain, connect to the local server (some traffic proxying)
server1.site.com -> 10.0.0.1
server2.site .com -> 10.0.0.2
Question:
How to
implement it? It is desirable with examples of settings.
Thank you!
3 answer(s)
@S10LI
stop.cmd
And edited the file C:\nginx\conf\nginx.conf
Next, I launched Nginx using start.cmd and it all worked!
@deepblack
S
S10LI, 2020-02-13 @S10LI
A short manual on how I set everything up
Downloaded fresh Nginx
Unpacked along the path C:\nginx
Created two cmd files inside the nginx
start.cmd folder
@echo off
start /D%cd% nginx.exestop.cmd
@echo off
start /D%cd% nginx.exe -s quitAnd edited the file C:\nginx\conf\nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
#Server 1
server {
listen 80;
server_name server1.site.com;
#Redirect to HTTPS
location / {
proxy_pass http://10.0.0.1:80;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
#Server 2
server {
listen 80;
server_name server2.site.com;
#Redirect to HTTPS
location / {
proxy_pass http://10.0.0.2:80;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}Next, I launched Nginx using start.cmd and it all worked!
A
Andrew, 2020-02-12 @deepblack
Look here
Sample configs (reverse proxy)
server {
server_name server1.site.com;
root /var/www/server1.site.com/public;
# reverse proxy
location / {
proxy_pass http://10.0.0.1:80;
}
}/etc/nginx/sites-available/server1.site.com.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name server1.site.com;
root /var/www/server1.site.com/public;
# SSL
ssl_certificate /etc/letsencrypt/live/server1.site.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/server1.site.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/server1.site.com/chain.pem;
# security
include nginxconfig.io/security.conf;
# reverse proxy
location / {
proxy_pass http://10.0.0.1:80;
include nginxconfig.io/proxy.conf;
}
# additional config
include nginxconfig.io/general.conf;
}
# subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name *.server1.site.com;
# SSL
ssl_certificate /etc/letsencrypt/live/server1.site.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/server1.site.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/server1.site.com/chain.pem;
return 301 https://server1.site.com$request_uri;
}
# HTTP redirect
server {
listen 80;
listen [::]:80;
server_name .server1.site.com;
include nginxconfig.io/letsencrypt.conf;
location / {
return 301 https://server1.site.com$request_uri;
}
}/etc/nginx/sites-available/server2.site.com.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name server2.site.com;
root /var/www/server2.site.com/public;
# SSL
ssl_certificate /etc/letsencrypt/live/server2.site.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/server2.site.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/server2.site.com/chain.pem;
# security
include nginxconfig.io/security.conf;
# reverse proxy
location / {
proxy_pass http://10.0.0.2:80;
include nginxconfig.io/proxy.conf;
}
# additional config
include nginxconfig.io/general.conf;
}
# subdomains redirect
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name *.server2.site.com;
# SSL
ssl_certificate /etc/letsencrypt/live/server2.site.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/server2.site.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/server2.site.com/chain.pem;
return 301 https://server2.site.com$request_uri;
}
# HTTP redirect
server {
listen 80;
listen [::]:80;
server_name .server2.site.com;
include nginxconfig.io/letsencrypt.conf;
location / {
return 301 https://server2.site.com$request_uri;
}
}
Similar questions
J
S
Sergey2018-02-22 13:39:21
Windows Server 2012 R2 AD CNAME not working on non-domain computers?
2Reply
E
N
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question