version:1.1 (fixed) fixed some bugs
Basic Environment:
/etc/nginx/nginx.conf #保持
/etc/nginx/ssl/#ssl认证文件
/etc/nginx/site-available #VirtualHost设置区
/etc/nginx/site-enable #VirtualHost应用区
Basic design:
Let Nginx support multi-domain name (including level two domain name), and automatically jump to HTTPS (all domain names default access to HTTPS), reverse proxy forwarding to different ports in the background.
Settings file:
/etc/nginx/site-available/virtualhost1.conf
Upstream vs1{
#这里可以设置负载均衡
Server 127.0.0.1:3000;
}
server {
Listen 80;
server_name www.youdomain.com;
#这里设置跳转, return 301 is not very useful ~ ~
Rewrite ^ https://$server _name$request_uri? Permanent
}
server {
Listen 443 SSL;
#设置ssl认证文件
SSL_CERTIFICATE/ETC/NGINX/SSL/STARTSSL_CA.CRT;
Ssl_certificate_key/etc/nginx/ssl/startssl_ca.key;
Ssl_protocols SSLv3 TLSv1;
Ssl_ciphers high:!anull:! MD5;
server_name youdomain.com www.youdomain.com;
#这里设置域名跳转名称不变
Server_name_in_redirect off;
Error_page 502/errors/502.html;
# set the default HTTPS jump here
Error_page 497 https://$host $uri? $args;
Location ~ ^/(images/|img/|javascript/|js/|css/|stylesheets/|flash/|media/|static/|robots.txt|humans.txt| Favicon.ico) {
Access_log off;
Expires Max;
}
location/errors {
Internal
}
Location/{
Proxy_redirect off;
Proxy_pass HTTP://VS1;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
Proxy_set_header X-forwarded-proto $scheme;
Proxy_set_header Host $host;
Proxy_set_header remote-host $remote _addr;
Proxy_set_header X-nginx-proxy true;
Proxy_set_header Connection "";
Proxy_http_version 1.1;
}
}
/etc/nginx/site-available/virtualhost2.conf
#与上一个文件同样的地方略去.
Upstream vs2{
#这里端口为4000, you can set up load balancing
Server 127.0.0.1:4000;
}
server {
Listen 80;
server_name subdomain.yourdomain.com;
Rewrite ^ https://$server _name$request_uri? Permanent
}
server {
Listen 443 SSL;
#可以设置独立的ssl认证
SSL_CERTIFICATE/ETC/SSL/NGINX/STARTSSL_1_CA.CRT;
Ssl_certificate_key/etc/ssl/nginx/startssl_1_ca.key;
Ssl_protocols SSLv3 TLSv1;
Ssl_ciphers high:!anull:! MD5;
#这里设置了二级域名跳转, you need to set up a record in DNS, or you can support other top-level domains
server_name vs2.youdomain.com;
Server_name_in_redirect off;
Error_page 502/errors/502.html;
Error_page 497 https://$host $uri? $args;
# ....
Location/{
Proxy_redirect off;
Proxy_pass HTTP://VS2;
Proxy_set_header X-real-ip $remote _addr;
Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;
Proxy_set_header X-forwarded-proto $scheme;
Proxy_set_header Host $host: server_port;
Proxy_set_header remote-host $remote _addr;
Proxy_set_header X-nginx-proxy true;
Proxy_set_header Connection "";
Proxy_http_version 1.1;
}
#....
}
To set up an app:
Make a connection under/etc/nginx/site-enable
$sudo ln-s vs1.conf/etc/nginx/site-available/vs1.conf
Test configuration file is correct
$sudo nginx-t
Let Nginx reload the settings:
$sudo Nginx-s Reload
Testing through the environment: Ubuntu 13-server
Reference:
Nginx multi-domain multiple HTTPS forwarding setting method-million-chinaunix Blog
Http://blog.chinaunix.net/uid-231372-id-4584714.html
Nginx Multi-domain multi-HTTPS forwarding setting method "Go"