I have problem with Nginx when I need configure it as reverse proxy for multiple locations based on source server, but on one port.
For example I have these servers:
server1.domain.com
server2.domain.com
server3.domain.com
nginx.domain.com
is Nginx reverse proxy server
And I need access by this scheme:
nginx.domain.com/site -> server1.domain.com/site
(https) nginx.domain.com/site2 -> (https) server2.domain.com/site2
(https) nginx.domain.com/site3 -> (https) server3.domain.com/site3
But now I can access only to site2 which is first in configuration. When I change order then is working site3. Configuration of location in all servers is ok.
My default.conf
I have following configuration.
server1
server {
listen 80;
server_name server1.domain.com;
access_log off;
error_log off;
# some locations
}
server2
server {
listen 80;
server_name server2.domain.com;
access_log off;
error_log off;
# some locations
}
server {
listen 443 ssl;
server_name server2.domain.com;
include ssl/ssl.conf;
ssl on;
ssl_certificate ssl/server2.domain.com.crt;
ssl_certificate_key ssl/server2.domain.com.key;
# some locations
}
server3
server {
listen 80;
server_name server3.domain.com;
access_log off;
error_log off;
# some locations
}
server {
listen 443 ssl;
server_name server3.domain.com;
ssl on;
include ssl/ssl.conf;
ssl_certificate ssl/server3.domain.com.crt;
ssl_certificate_key ssl/server3.domain.com.key;
# some locations
}
In ssl.conf
I have
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
Thanks
Best Answer
You set up 3 servers respectively listening for requests addressed to
server[123].domain.com
.When a request for an unknown domain kicks in, nginx serves it with the default domain. By default, nginx uses the first defined one, unless you explicitely specify another one with the
default_server
flag on thelisten
directive of one of your servers. That is why yournginx.domain.com
requests will always be served by the default (first) server.Now, what you wish is a reverse proxy. It is not what you asked nginx to do. You simply defined your backend servers to which you need to add another nginx server as frontend reverse-proxy.
To do so, you will need to use the ngx_http_proxy_module along with the ngx_http_upstream_module.
Specifically, you proxy requests from a
location
withproxy_pass
to your backend servers.Here is a simple reverse-proxy server configuration that might work for you:
Note the use of the
$scheme
variable, reproducing the scheme used to connect to the frontend with connection to the backend.I am unsure about SSL configuration on the backend. I guess you need to use the same
server_name
on each of them and the same SSL certificate as on the frontend. I do not know if you can use different certificates on backends, each with a differentserver_name
and change SSL parameters for connectionsproxy -> backends
with the proxy module.