Join Log in
Score:0
avatar Server

Nginx api gateway warehouse with subdomain support

ke flag
DIGI Byte

I am following a tutorial to setup an API proxy, I am running production and development server apps on the same VPS

https://www.nginx.com/blog/deploying-nginx-plus-as-an-api-gateway-part-1/

I have my domains managed with SSL via certbot on both live.domain.com and dev.domain.com

I am stuck on "Defining the Warehouse API" The issue is that the routing explained is based on URL path location, it does not explain how to handle subdomain set up on top of it.

I have setup: api_gateway

include api_backends.conf;
include api_keys.conf;

server {
    access_log /var/log/nginx/api_live.log main; # Each API may also log to a 
                                                   # separate file

    listen 443 ssl;
    server_name live.domain.com;

    # TLS config
    ssl_certificate      /etc/letsencrypt/live/live.domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key  /etc/letsencrypt/live/live.domain.com/privkey.pem; # managed by Certbot
    include              /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam          /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout  5m;
    ssl_ciphers          HIGH:!aNULL:!MD5;
    ssl_protocols        TLSv1.2 TLSv1.3;

    # API definitions, one per file
    include api_conf.d/*.conf;

    # Error responses
    error_page 404 = @400;         # Treat invalid paths as bad requests
    proxy_intercept_errors on;     # Do not send backend errors to client
    include api_json_errors.conf;  # API client-friendly JSON errors
    default_type application/json; # If no content-type, assume JSON
}
# *repeated for dev.domain.com*

api_backends

upstream live {
zone live_service 64k;
server 127.0.0.1:4000
}
upstream dev {
zone dev_service 64k;
server 127.0.0.1:2000
}

Any way I can manage it with the following:

location / {
    # Policy configuration here (authentication, rate limiting, logging...)
    #
    access_log /var/log/nginx/warehouse_api.log main;

    # URI routing
    #
# if subdomain live
    location / {
        proxy_pass http://live;
    }
# else if subdomain dev
    location / {
        proxy_pass http://dev;
    }

    return 404; # Catch-all
}

perhaps I can use this snippet I found.

    if ($host = live.domain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

is this possible?

    if ($host = live.domain.com){
        location /api {
                proxy_pass http://live/api;
        }
# AND/OR
        location /docs/ {
                proxy_pass https://live$request_uri
        }
    }
64
0 + 0
Score:1
drookie avatar Server
za flag
drookie

Everything is almost fine in your configuration,except that you've tricked yourself with those includes and location / {} blocks, and not including the second vhost configuration part.

You just need to put the live.domain.com and dev.domain.com location / {} blocks in the corresponding server {} blocks and that's all (one containing proxy_pass http://live; in the live one, and so on).

Don't use if () {} blocks at this time, you don't need it.

And yeah, you're kinda lacking the non-TLS server {} blocks, but that's another question I guess.

0 + 0
ke flag
DIGI Byte
Are you saying I add the proxy_pass to the server block in the "api_gateway" and delete the "warehouse_api.conf"?
0
Reply
ke flag
DIGI Byte
Figured it out with some trial and error! sadly, there is no "all" paths so I routed the api path and doc path per my locations in the server block, I'll want to keep learning Nginx so I can do this stuff better in the future. thank you for the hints.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.