This question has probably been asked a lot, but I can't seem to find a really simple solution that actually works. And I need help to set this up.
I'll list my current enviroment so you can get a quick overview:
- Server Host: HETZNER Cloud Server
- Domain Host: Webhuset.no (DNS Records are here)
- OS: CentOS 7 (Hetzner)
- Website: Running NGINX with NodeJS reverse proxy
- DNS: I have not added *.domain.example in my DNS Record, because I don't want every sub-host to to to my server.
- SSL: Enabled, using Let's Encrypt Certbot.
I am only running one site, with of course, different pages for different stuff (Not multiple sites)
My goal is to have something similar to CPanel-subdomains. Where I can add admin.domain.example and set it to for example domain.example/admin without redirect.
But I have found this to be harder than expected, because I have been reading so many forum-posts and so many docs now and I just can't get it to work.
I have come far enough to understand that the subdomain has to be configured in Nginx. Before this I kept trying to do this in the nodejs config.
My current nginx.conf which makes my domain example.domain go straight to root folder of my website, with SSL. This works fine.
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
server {
server_name example.domain www.example.domain;
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/example.domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.domain/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
}
Here I assume I have to add a server block in order to make admin.example.domain route to example.domain/admin
How can I do this and still maintain SSL? I need SSL in order to make the images render. I have tried adding a server block like this:
server {
server_name admin.example.domain
location / {
proxy_pass http://127.0.0.1:3000/admin;
}
listen [::]:443 ssl ipv6only=on;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/example.domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.domain/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
If this were to work (It doesn't unless I listen to port 80 and use http://), it would just redirect me to (UNSECURE)https://admin.example.domain/admin
And everybody who do the same as I just did above, gets it to work. But I don't. What is different, and how can I solve this?
CodePudding user response:
SOLUTION
- Create a server block for each subdomain I want and put the directory in the proxy_pass (Save and restart/reload nginx config)
- Run certbot --nginx
- Select the subdomain from the certbot list
- Go through with the configuration and boom it works as expected. example.domain is always replaced with my domain. Just for referance. I only use example.domain in this post to keep it hidden.