Score:0

NGINX - subdomain using https to another internal IP:PORT and hide new path

ni flag

I have spent more than week looking around this site to solve the following two items.

Background: subdomains are setup in GoDaddy DNS to forward to our public IP. Internally DNS has forward and reverse working for FQDN as well as server on the internal network.

The first item is to allow a subdomain (http or https 80-443)to point to a folder contained inside the FQDN internal server but not display the folder I redirect it to. I have tried several combinations without full success. Meaning the web page is displayed however the folder is also displayed in the browser and is viewable when you click in the URL text field.

I am using this syntax

server {
    listen 80;
    listen 443;

    server_name crm.domain.com;

    location = / {
        rewrite ^/$ /folder/;
        #return 301 domain.com/folder$request_uri;
    }
}

Or is this even possible?

The second is direct a subdomain (http or https) to another internal server and apply a port. This redirect also needs to be secure. This is what I have attempted to use but receive errors when checking nginx

server {
    server_name pds.domain.com;
    listen 80;
    listen 443;

    location / {
        proxy_set_header Host $host;
        proxy_pass https//192.168.2.12:9301;
        proxy_redirect off;
    }
}

The internal server at 192.168.2.12 is sub1.domain.com

Any thoughts on syntax to make this work?

djdomi avatar
za flag
second would be a option if you fix your typo on https// and remind that you need to setup a ssl certificate
carlfitzsimmons avatar
ni flag
Missed the type - thanks
carlfitzsimmons avatar
ni flag
I have attempted several times to include cert in server setup but have failed get that correct. The cert I have is a wildcard so I can use it with subdomains. The cert is already associated with the main web page. When a user types the webs site url you get the web page with https with no warnings.
carlfitzsimmons avatar
ni flag
So not sure how to correctly add cert info specifically for the defined Server definition. This is new territory for me and it is clear I am not creating the syntax correctly
carlfitzsimmons avatar
ni flag
Just to be clear. This is on a Synology NAS so I am modifying the WWWService.mustache file. From what I have read I like the fact that Synology did this that way because it has prevented me from messing up the global config.
carlfitzsimmons avatar
ni flag
Also after making that change the request fails. What happens is the sub.domain.com becomes inside.domain.com:PORT and fails
carlfitzsimmons avatar
ni flag
I add that the first works for subdomains on the web server the is domain.com however the second is on a completely different internal server. When inside you type https://sub1.domain.com:9301 the login page occurs.
djdomi avatar
za flag
Please update your Question in case of modification of your config files, else we need to use glass balls or a Magician to see what you are doing, you may if you don't like to write in the public send a direct message to me that I can see the certificate, if it has *.domain.TLD and domain.TLD or only *.domain.tld which would end up in an invalid certificate in case you call domain.tld - remind when Asking on this Platform requires, that you write ALL details as Clear as Possible
us flag
Please add output of `nginx -T` to the question.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.