Welcome! Log In Create A New Profile

nginx with subdomains on two servers

Posted by rifain

rifain

nginx with subdomains on two servers
June 09, 2023 10:23AM

Registered: 11 months ago
Posts: 6

I have two servers: the first one has the IP address 192.168.1.216 and is configured with the hostname hub.domain.tld. The DNS record is pointing to the public IP address, and all requests on ports 80 and 443 are forwarded to 192.168.1.216.

The initial Nginx configuration on the first server was simple to set up and is functioning properly.

However, the issue arises with the second server, which is also configured with the Nginx as described below. The problem is that all requests made to vscode.domain.tld are being redirected to hub.domain.tld instead of 192.168.1.234:8080

```
# /etc/nginx/sites-available/default

# top-level http config for websocket headers
# If Upgrade is defined, Connection = upgrade
# If Upgrade is empty, Connection = close
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}

# HTTP server to redirect all 80 traffic to SSL/HTTPS
server {
listen 80;
server_name vscode.domain.tld;

# Tell all requests to port 80 to be 302 redirected to HTTPS
return 302 https://$host$request_uri;
}

# HTTPS server to handle VS Code
server {
listen 443 ssl;
server_name vscode.domain.tld;

ssl_certificate /etc/letsencrypt/live/vscode.domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/vscode.domain.tld/privkey.pem;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;

# Managing literal requests to the VS Code front end
location / {
proxy_pass http://192.168.1.234:8080;

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

# websocket headers
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Scheme $scheme;

proxy_buffering off;
}

# Managing requests to verify letsencrypt host
location ~ /.well-known {
allow all;
}
}

```

Reply Quote

Newer Topic Older Topic

Print View RSS

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 252

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018