I have an existing nginx server which is serving domain x.com (not that X).
I need to add a second domain to the server.
The problem is that the second web server manages its own https certs.
Both domains need to be hosted off a single IP.
So the question is, how do I configure nginx to serve this second domain on both 80 and 443 whilst allowing the upstream server to do the https handshake?
ChatGPT just made me more confused :)
Here is our existing config with my feeble attempt to add the new server.
```
include /etc/nginx/include/*.upstream;

# redirect port 80 to 443.
server {
    listen 80 default_server;
    server_name _;

    # lets encrypt renewal path - which must be available whenever
    location ^~ /.well-known {
        allow all;
        root /opt/letsencrypt/wwwroot;
    }

    return 301 https://$host$request_uri;
}

# default 443 service
server {
    # http3 options
    listen 443 quic reuseport default_server;
    ssl_early_data on;
    # required for browsers to direct connection to quic port (udp)
    add_header Alt-Svc 'h3=":443"; ma=86400';

    # http2 for older browsers
    listen 443 ssl http2 default_server;
    server_name _;

    ssl_certificate /etc/nginx/certs/fullchain.pem;
    ssl_certificate_key /etc/nginx/certs/privkey.pem;

    # ... settings excluded for brevity

    location ^~ /.well-known {
        allow all;
        root /opt/letsencrypt/wwwroot;
    }

    include /etc/nginx/include/*.location;
}

# config for new server - nginx just pass the HTTPs traffic to the upstream server.
server {
    listen 443;
    listen 80;
    proxy_pass newX.com:10433;
    proxy_pass newX.com:1080;
}

# existing
upstream vaadin {
    server localhost:8080 fail_timeout=0;
}

# the new server - I have no idea if this is correct
upstream newX {
    server localhost:1080 fail_timeout=0;
    server localhost:10443 fail_timeout=0;
}
```
Edited 1 time(s). Last edit at 12/11/2023 04:08PM by bsutton.
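
One way to get the behaviour asked for above, as an added example that is not part of the original post: nginx's stream module with `ssl_preread` routes raw TLS on TCP 443 by SNI name, so the second server still performs its own handshake and nginx never holds its private key. The local port 8443 for the existing HTTPS server is an assumption; the backend ports 10443 and 1080 are taken from the `upstream newX` block in the post.

```nginx
# Top level of nginx.conf, outside http {}. Needs the stream module
# and ngx_stream_ssl_preread_module.
stream {
    # Pick a backend from the SNI name in the TLS ClientHello.
    map $ssl_preread_server_name $tls_backend {
        newX.com  127.0.0.1:10443;  # second server, terminates its own TLS
        default   127.0.0.1:8443;   # assumed local port for the existing https server
    }

    server {
        listen 443;               # TCP only; owns the public TLS port
        ssl_preread on;           # read the ClientHello without decrypting
        proxy_pass $tls_backend;  # forward the still-encrypted stream
    }
}

http {
    # Existing TLS site: TCP moves to the assumed local port, because the
    # stream block now owns public TCP 443. QUIC is UDP, so it can stay.
    server {
        listen 443 quic reuseport default_server;
        listen 127.0.0.1:8443 ssl http2 default_server;
        server_name _;
        ssl_certificate     /etc/nginx/certs/fullchain.pem;
        ssl_certificate_key /etc/nginx/certs/privkey.pem;
        # remaining settings and locations stay as they are
    }

    # Plain HTTP for the second domain. A named server wins over the
    # port-80 default_server, so the 301 redirect no longer applies here.
    server {
        listen 80;
        server_name newX.com;

        location / {
            proxy_pass http://127.0.0.1:1080;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }
}
```

Backends reached through the stream proxy see 127.0.0.1 as the client address unless PROXY protocol is enabled on both the stream server and the backend listener.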