我有一台以 Nginx 为服务器并在后端使用 rails 应用程序的服务器。目前,rails 应用程序一次只能为一个域提供服务。但是,我将每小时使用此应用程序创建和销毁服务器。
因此,我想配置服务器以响应任何子域。但后端应用程序应该始终看到一个固定的域。
例如,如果我收到来自等的请求sub1.A.com...sub2.A.com后端应该始终作为 sub.A.com 接收请求。
我也不想使用负载平衡器或反向代理或服务器外部的东西。我不确定要搜索什么来满足这个特定的用例。部署的常规解决方案是什么等等...
我的nginx.conf文件:
server {
server_name domain.com;
location ~ /\.well-known/acme-challenge/ {
allow all;
root /var/www/letsencrypt;
try_files $uri =404;
break;
}
access_log /var/log/nginx/bigbluebutton.access.log;
# Handle RTMPT (RTMP Tunneling). Forwards requests
# to Red5 on port 5080
location ~ (/open/|/close/|/idle/|/send/|/fcs/) {
proxy_pass http://127.0.0.1:5080;
proxy_redirect off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffering off;
keepalive_requests 1000000000;
}
# Handle desktop sharing tunneling. Forwards
# requests to Red5 on port 5080.
location /deskshare {
proxy_pass http://127.0.0.1:5080;
proxy_redirect default;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
include fastcgi_params;
}
# BigBlueButton landing page.
# changed for making greelight primary
location /old {
root /var/www/bigbluebutton-default;
index index.html index.htm;
expires 1m;
}
# Make greelight primary
location = / {
return 307 /b;
}
# Include specific rules for record and playback
include /etc/bigbluebutton/nginx/*.nginx;
#error_page 404 /404.html;
# Redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name domain.com;
return 404; # managed by Certbot
}
答案1
Certbot 的自动配置不太适合您的需求。将 HTTP 到 HTTPS 重定向块更改为以下内容:
server {
listen 80;
listen [::]:80;
server .domain.com;
return 301 https://$http_host$request_uri;
}
对您的 HTTPS 块进行以下更改:
- 使用
server .domain.com;而不是server domain.com;(这种特殊形式匹配domain.com域及其任何子域); proxy_set_header Host "sub.domain.com";在proxy_pass使用指令的位置块中添加指令(假设这sub.domain.com是您希望后端应用程序看到的域)。