R
R
Roman Terekhin2014-12-07 12:37:44
Nginx
Roman Terekhin, 2014-12-07 12:37:44

Multi-domain nginx and Jelastic?

Good afternoon.
When building the project architecture, a serious problem arose - "mine does not know the dynamic nginx virtual hosts".
The project has the following standard structure: the
nginx balancer (their number can grow automatically if everything goes badly) distribute traffic to 6 nodes with the same nginx.
The structure of custom domains will look like this:
/var/www/webroot/ROOT/domain1.ru/site1 should be understood as site1.domain1.ru
/var/www/webroot/ROOT/domain2.ru/site1 respectively site1.domain2.ru
and so on in the same way. There are Jelastic configs from the box
Balancer config:

######## HTTP SECTION PROTOTYPE ########
http {
  server_tokens off ;
        include /etc/nginx/mime.types;
        default_type application/octet-stream;
        set_real_ip_from  192.168.0.0/16;
        set_real_ip_from  10.0.0.0/8;
        set_real_ip_from  172.16.0.0/16;
        real_ip_header    X-Forwarded-For;
        real_ip_recursive on;
        log_format main
    '"$http_x_forwarded_for" - $remote_user [$time_local] '
                '"$request" $status $bytes_sent '
                '"$http_referer" "$http_user_agent" '
                '"$gzip_ratio"';
        client_header_timeout 10m;
        client_body_timeout 10m;
        send_timeout 10m;
        client_max_body_size 50m;
        connection_pool_size 256;
        client_header_buffer_size 1k;
        large_client_header_buffers 4 2k;
        request_pool_size 4k;
#        gzip on;
        gzip_min_length 1100;
        gzip_buffers 4 8k;
        gzip_types text/plain;
        output_buffers 1 32k;
        postpone_output 1460;
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 75 20;
        ignore_invalid_headers on;
  map $upstream_addr        $group {
       	default               "";
  ### MAPPING FOLLOWS HERE ###
  ### ~XXX\.XXX\.XXX\.XXX\:XX$   $GROUPNAME; ### MAPPROTO ### This is mappings prototype line, do not remove this! 
~10\.50\.14\.57\:80$ common; ~10\.50\.14\.62\:80$ common; ### MAPPROTO for common ###
   	}
  ### DEFAULT UPSTREAM FOLLOWS HERE ###
  upstream default_upstream{
  ### server XXX.XXX.XXX.XXX; ### $GROUPNAME ### DEFUPPROTO ###
server 10.50.14.57; server 10.50.14.62; server 10.50.14.54 backup; ### DEFUPPROTO for common ###
  sticky path=/; }
  ### UPSTREAMS LIST FOLLOWS HERE ###
        #upstream nodes{ server XXX.XXX.XXX.XXX; server 127.0.0.1:8001 backup # UPSTREAMPROTO # This is upstream prototype line, do not remove this! }
upstream common { server 10.50.14.54 backup;  server 10.50.14.57; server 10.50.14.62; sticky path=/; } ### UPSTREAMPROTO for common ###
        #GFADMIN
        server {
                listen *:80;
                server_name  localhost;
                access_log /var/log/nginx/localhost.access_log main;
                error_log /var/log/nginx/localhost.error_log info;
                proxy_temp_path /var/nginx/tmp/;
                proxy_connect_timeout 5s;
                error_page   500 502 503 504  /50x.html;
                proxy_next_upstream error timeout http_500;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Host $http_host;
                proxy_set_header X-Forwarded-For $http_x_forwarded_for;
                proxy_set_header X-URI $uri;
                proxy_set_header X-ARGS $args;
                proxy_set_header Refer $http_refer;
                location = /50x.html {
                        root   html;
                }
                location / {
                        if ($cookie_SRVGROUP ~ group|common) {
                                proxy_pass http://$cookie_SRVGROUP;
                                error_page   500 502 503 504 = @rescue;
                        }
                        if ($cookie_SRVGROUP !~ group|common) {
                                add_header Set-Cookie "SRVGROUP=$group; path=/";
                        }
                        proxy_pass http://default_upstream;
                        add_header Set-Cookie "SRVGROUP=$group; path=/";
                }
                location @rescue {
                        proxy_pass http://default_upstream;
                        add_header Set-Cookie "SRVGROUP=$group; path=/";
                }
    
              	#USERLOCATIONS
        }
        server {
                listen *:8001;
                server_name  backup.local;
        location / {
                    	proxy_pass http://default_upstream;
                        add_header Set-Cookie "SRVGROUP=$group; path=/";
                        proxy_set_header Host $host;
                        proxy_set_header X-Real-IP $remote_addr;
                        proxy_set_header X-Host $http_host;
                        proxy_set_header X-Forwarded-For $http_x_forwarded_for;
                        proxy_set_header X-URI $uri;
                        proxy_set_header X-ARGS $args;
                        proxy_set_header Refer $http_refer;
                   }
        }
 include /etc/nginx/conf.d/*.conf;
}
######## TCP SECTION PROTOTYPE ########
tcp {
server {
            listen 825;
            proxy_pass common;
            access_log /var/log/nginx/tcp_access.log;
       	}
       	upstream common {
            server 10.50.14.57:825; server 10.50.14.62:825; ### UPSTREAMPROTO for common ###
            check interval=3000 rise=2 fall=5 timeout=1000;
            #check interval=3000 rise=2 fall=5 timeout=1000 type=ssl_hello;
            #check interval=3000 rise=2 fall=5 timeout=1000 type=http;
            #check_http_send "GET / HTTP/1.0\r\n\r\n";
            #check_http_expect_alive http_2xx http_3xx;
      	}
    	
    }
tcp {
server {
            listen 110;
            proxy_pass common;
            access_log /var/log/nginx/tcp_access.log;
       	}
       	upstream common {
            server 10.50.14.57:810; server 10.50.14.62:810; ### UPSTREAMPROTO for common ###
            check interval=3000 rise=2 fall=5 timeout=1000;
            #check interval=3000 rise=2 fall=5 timeout=1000 type=ssl_hello;
            #check interval=3000 rise=2 fall=5 timeout=1000 type=http;
            #check_http_send "GET / HTTP/1.0\r\n\r\n";
            #check_http_expect_alive http_2xx http_3xx;
      	}
    	
    }
tcp {
server {
            listen 143;
            proxy_pass common;
            access_log /var/log/nginx/tcp_access.log;
       	}
       	upstream common {
            server 10.50.14.57:843; server 10.50.14.62:843; ### UPSTREAMPROTO for common ###
            check interval=3000 rise=2 fall=5 timeout=1000;
            #check interval=3000 rise=2 fall=5 timeout=1000 type=ssl_hello;
            #check interval=3000 rise=2 fall=5 timeout=1000 type=http;
            #check_http_send "GET / HTTP/1.0\r\n\r\n";
            #check_http_expect_alive http_2xx http_3xx;
      	}
    	
    }

Node config:
#user  nobody;
worker_processes  1;

error_log  /var/log/nginx/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    server_tokens off;
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$http_x_forwarded_for - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;
  include /etc/nginx/aliases.conf;
        location / {
            root   /var/www/webroot/ROOT;
            index  index.html index.htm index.php;

    	    location ~ \.php$ {
    	    	location ~ /\. { deny all; access_log off; log_not_found off; }
      	include /etc/nginx/fastcgi_params;
          fastcgi_pass 127.0.0.1:9000;
        	fastcgi_param SCRIPT_FILENAME /var/www/webroot/ROOT$fastcgi_script_name;
          fastcgi_param PATH_INFO $fastcgi_script_name;
        	fastcgi_param DOCUMENT_ROOT /var/www/webroot/ROOT;
    	    }

        }
        index  index.php index.html index.htm;

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}
  location ~ /\. { deny all; access_log off; log_not_found off; }
        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #location ~ \.php$ {
        #    root           html;
        #    fastcgi_pass   127.0.0.1:9000;
        #    fastcgi_index  index.php;
        #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        #    include        fastcgi_params;
        #}

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
  location ~ \.php$ {
    location ~ /\. { deny all; access_log off; log_not_found off; }
        	include /etc/nginx/fastcgi_params;
          fastcgi_pass 127.0.0.1:9000;
        	fastcgi_param SCRIPT_FILENAME /var/www/webroot$fastcgi_script_name;
          fastcgi_param PATH_INFO $fastcgi_script_name;
        	fastcgi_param DOCUMENT_ROOT /var/www/webroot;
        }

    }

include /etc/nginx/conf.d/*.conf;

}

So the question is, how to teach nginx to work dynamically with subdomains, and even safely?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
P
p5ych0, 2014-12-07
@RomaZveR

Hi.
well, in general, you can change a couple of lines on the node in the config
after that $subdomain = "site1" , and $mydomain = "mysite.whatever"
then you need to set the path
well and add a check to show an error if the domain does not exist

if ( $subdomain = "") {
    $subdomain = "www";
}
if ( ! -d /var/www/webroot/$mydomain/$subdomain ) {
   root /var/www/webroot/ROOTl
   error_page 404 /404.html;
}

and of course, replace all /var/www/webroot/ROOT with /var/www/webroot/$mydomain/$subdomain
although, based on my experience, I would catch all requests and parse the domain name on the php side, or whatever by you.
you just need to get access to $_SERVER['HTTP_HOST'], parse and just correctly set the paths and the corresponding variables, there
will be questions - ask ;)

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question