Nginx – Nginx API Gateway Warehouse with Subdomain Support

I am following a tutorial to setup an API proxy, I am running production and development server apps on the same VPS

https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/

I have my domains managed with SSL via certbot on both live.domain.com and dev.domain.com

I am stuck on "Defining the Warehouse API"
The issue is that the routing explained is based on URL path location, it does not explain how to handle subdomain set up on top of it.

I have setup:
api_gateway

include api_backends.conf;
include api_keys.conf;

server {
    access_log /var/log/nginx/api_live.log main; # Each API may also log to a 
                                                   # separate file

    listen 443 ssl;
    server_name live.domain.com;

    # TLS config
    ssl_certificate      /etc/letsencrypt/live/live.domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key  /etc/letsencrypt/live/live.domain.com/privkey.pem; # managed by Certbot
    include              /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam          /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout  5m;
    ssl_ciphers          HIGH:!aNULL:!MD5;
    ssl_protocols        TLSv1.2 TLSv1.3;

    # API definitions, one per file
    include api_conf.d/*.conf;

    # Error responses
    error_page 404 = @400;         # Treat invalid paths as bad requests
    proxy_intercept_errors on;     # Do not send backend errors to client
    include api_json_errors.conf;  # API client-friendly JSON errors
    default_type application/json; # If no content-type, assume JSON
}
# *repeated for dev.domain.com*

api_backends

upstream live {
zone live_service 64k;
server 127.0.0.1:4000
}
upstream dev {
zone dev_service 64k;
server 127.0.0.1:2000
}

Any way I can manage it with the following:

location / {
    # Policy configuration here (authentication, rate limiting, logging...)
    #
    access_log /var/log/nginx/warehouse_api.log main;

    # URI routing
    #
# if subdomain live
    location / {
        proxy_pass http://live;
    }
# else if subdomain dev
    location / {
        proxy_pass http://dev;
    }

    return 404; # Catch-all
}

perhaps I can use this snippet I found.

    if ($host = live.domain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

is this possible?

    if ($host = live.domain.com){
        location /api {
                proxy_pass http://live/api;
        }
# AND/OR
        location /docs/ {
                proxy_pass https://live$request_uri
        }
    }

Best Answer

Everything is almost fine in your configuration,except that you've tricked yourself with those includes and location / {} blocks, and not including the second vhost configuration part.

You just need to put the live.domain.com and dev.domain.com location / {} blocks in the corresponding server {} blocks and that's all (one containing proxy_pass http://live; in the live one, and so on).

Don't use if () {} blocks at this time, you don't need it.

And yeah, you're kinda lacking the non-TLS server {} blocks, but that's another question I guess.

Best Answer

Related Solutions

Nginx – Help needed setting up nginx to serve static files

Nginx – Why WordPress Loads Blank Pages on Nginx and PHP-FPM

Related Topic