Hallo,

ich bin dabei für meine privaten Spielereien auf nginx zu wechseln,
was ich vor habe, jedoch leider daran gestern bis spät in die Nacht verzweifelte:

Ich will zwei Sites aktivieren:

beide mit Listen 443 und SSL:

1. Owncloud welches mit Location /owncloud funktioniert.

2. FHEM mit ReverseProxy von Port 8083.

Beide laufen auf demselben Debian System, auf welchem auch nginx installiert ist.

Zertifikat nutze ich bei beiden ebenfalls das selbe,
nginx lässt sich auch starten, jedoch ist je nach vergebenem ServerName nur eines von beiden erreichbar.

Ich kann am Abend gerne meine derzeitigen Configs nachreichen,
fürchte nur ein Grundverständnis-Problem meinerseits.

Hat jemand eine Idee, ist mein Vorhaben so überhaupt möglich, oder muss ich unterschiedliche Ports nutzen?

LG
Klaus

Nachtrag:

owncloud-config file:
-----

upstream php-handler {
server 127.0.0.1:9000;
#server unix:/var/run/php5-fpm.sock;
}

server {
listen 80;
server_name test;
# enforce https
return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl;
server_name test;

ssl_certificate /etc/ssl/nginx/test.cert;
ssl_certificate_key /etc/ssl/nginx/test.key;

# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

# Path to the root of your installation
root /opt/;
# set max upload size
client_max_body_size 16G;
fastcgi_buffers 64 4K;

# Disable gzip to avoid the removal of the ETag header
gzip off;

# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;


index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;

location /fhem {
proxy_pass http://localhost:8083/fhem;
proxy_redirect off;
proxy_buffering off;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
access_log /var/log/nginx/fhem.access.log;
error_log /var/log/nginx/fhem.error.log;
}

location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}


location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
deny all;
}

location /owncloud/ {
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;

# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;

rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;

rewrite ^/(/core/doc/[^\/]+/)$ $1/index.html;

try_files $uri $uri/ /index.php;
}

location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
}

# Adding the cache control header for js and css files
location ~* \.(?:css|js)$ {
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
# Optional: Don't log access to assets
access_log off;
}

# Optional: Don't log access to other assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
access_log off;
}

}

fhem config file:
-----
server {
listen 443 ssl;
server_name test;

ssl_certificate /etc/ssl/nginx/test.cert;
ssl_certificate_key /etc/ssl/nginx/test.key;

access_log /var/log/nginx/fhem.access.log;
error_log /var/log/nginx/fhem.error.log;

location /fhem {
proxy_pass http://localhost:8083/fhem;
proxy_redirect off;
proxy_buffering off;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
}
}



Edited 2 time(s). Last edit at 11/09/2015 10:59AM by Klouse.