NGINX 动态子域名支持现有设置

NGINX 动态子域名支持现有设置

所以我有这个设置,NGINX 似乎工作正常。但现在的要求是添加对动态子域的支持。不确定如何做。非常感谢您的帮助。还可以将域和子域从 www 重定向到非 www。我在网上搜索过,但似乎没有适用于此解决方案的方法。

我正在尝试做的事情:目前,我已针对普通非子域名进行了此设置。例如 exampleDomain.com 或www.exampleDomain.com。现在我想引入动态子域。例如 sub1.exampleDomain.com 或 sub50.exampleDomain.com。我遇到的问题是,如果存在子域,我无法正确重定向到子域。例如,如果有人访问 sub2.exampleDomain.com,它会被重定向到 exampleDomain.com。我的问题是如何将子域引入此设置,以便www.sub3.exampleDomain.com转到 sub3.exampleDomain.com/ sub3.exampleDomain.com 转到 sub3.exampleDomain.com 并且www.exampleDomain.com转到 exampleDomain.com,exampleDomain.com 转到 exampleDomain.com。(如果这些都有意义的话:))

server {
        listen 80;
        listen [::]:80;
        server_name exampleDomain.com www.exampleDomain.com;

        location ~ /.well-known/acme-challenge {
                allow all;
                root /var/www/html;
        }

        location / {
                return 301 https://exampleDomain.com$request_uri?;
        }
}

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name www.exampleDomain.com;

        server_tokens off;

        ssl_certificate /etc/letsencrypt/live/exampleDomain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/exampleDomain.com/privkey.pem;

        ssl_buffer_size 8k;

        ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;

        ssl_protocols TLSv1.3 TLSv1.2;
        ssl_prefer_server_ciphers on;

        ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

        ssl_ecdh_curve secp384r1;
        ssl_session_tickets off;

        ssl_stapling on;
        ssl_stapling_verify on;
        resolver 8.8.8.8;

        return 301 https://exampleDomain.com$request_uri;
}

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name exampleDomain.com;
        server_tokens off;

        gzip on;
        gzip_disable "MSIE [1-6]\.(?!.*SV1)";
        gzip_min_length  500;
        gzip_buffers  4 32k;
        gzip_types  text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/svg;
        gzip_vary on;

        ssl_certificate /etc/letsencrypt/live/exampleDomain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/exampleDomain.com/privkey.pem;

        ssl_buffer_size 8k;

        ssl_dhparam /etc/ssl/certs/dhparam-2048.pem;

        ssl_protocols TLSv1.3 TLSv1.2;
        ssl_prefer_server_ciphers on;

        ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

        ssl_ecdh_curve secp384r1;
        ssl_session_tickets off;

        ssl_stapling on;
        ssl_stapling_verify on;
        resolver 8.8.8.8;

        location ~*  \.(jpg|jpeg|png|gif|ico)$ {
                expires 365d;
        }

        location / {
                try_files $uri @nodejs;
        }

        location @nodejs {
                proxy_pass http://nodejs:8080;
                add_header X-Frame-Options "SAMEORIGIN" always;
                add_header X-XSS-Protection "1; mode=block" always;
                add_header X-Content-Type-Options "nosniff" always;
                add_header Referrer-Policy "no-referrer-when-downgrade" always;
                add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
                # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
                # enable strict transport security only if you understand the implications
        }

        location /graphql {
                proxy_pass http://nodejs:8080;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $host;
        }

        root /var/www/html;
        index index.html index.htm index.nginx-debian.html;
}

答案1

举个例子手动的

server {
    server_name   ~^(www\.)?(?<domain>.+)$;

    location / {
        root   /sites/$domain;
    }
}

只需适应你的环境即可。

server_name ~^(www\.)?(?<subdom>[^\.]*)\.your-external-domain\.com$;
location / {
    root   /sites/$subdom;
}

这仅适用于子域名,忽略 www。

相关内容