Join Log in
Score:0
Juan Carlos avatar Server

Nginx, Cloudflare, Subdomain issues

bd flag
Juan Carlos

NGINX Newbie here, I'm trying to configure what I find a bit challenging task. I need the following structure:

  • www.example.com -- Website for Company. For now, both www.example.com and example.com must redirect to project.example.com.

  • project.example.com Website for Project

  • project.example.com/app1 -- App 1 for project

  • project.example.com/app2 -- App 2 for project

  • api.example.com -- API for project listening to port 3001. Preferebly, I'd like routes like: www.api.example.com or api.example.com to automatically redirect to https://api.example.com.

Note: I'm trying to redirect all the blocks to https.

I've tried the following so far and pretty much a lot of variants over here:

server {
    listen 80;
    listen [::]:80;
    server_name example.com www.example.com;
    return 302 https://project.$server_name$request_uri;
}

# API Redirect to SSL
server {
    listen 80;
    listen [::]:80;
    server_name api.example.com www.api.example.com;
    return 302 https://api.example.com$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.api.example.com;
    return 302 https://api.example.com$request_uri;

    ssl_certificate         /etc/ssl/cert.pem;
    ssl_certificate_key     /etc/ssl/key.pem;
    ssl_client_certificate  /etc/ssl/cloudflare.crt;
    ssl_verify_client on;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name example.com www.example.com;
    root /var/www/html/example-website;
    index index.html index.htm index.nginx-debian.html;
    return 302 https://project.$server_name$request_uri;

    # SSL configuration
    ssl_certificate         /etc/ssl/cert.pem;
    ssl_certificate_key     /etc/ssl/key.pem;
    ssl_client_certificate  /etc/ssl/cloudflare.crt;
    ssl_verify_client on;

    location / {
      try_files $uri $uri/ =404;
    }
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name project.example.com www.project.example.com;
    root /var/www/html/project-website;
    index index.html index.htm index.nginx-debian.html;

    # SSL configuration
    ssl_certificate         /etc/ssl/cert.pem;
    ssl_certificate_key     /etc/ssl/key.pem;
    ssl_client_certificate /etc/ssl/cloudflare.crt;
    ssl_verify_client on;

    location / {
      try_files $uri $uri/ =404;
    }

    location /app1 {
       alias /var/www/html/project-app1;
       try_files $uri /project-app1/index.html;
    }

    location /app2 {
       alias /var/www/html/project-app2;
       try_files $uri /project-app2/index.html;
    }
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name api.example.com www.api.example.com;
  resolver 127.0.0.1;

  ssl_certificate         /etc/ssl/cert.pem;
  ssl_certificate_key     /etc/ssl/key.pem;
  ssl_client_certificate /etc/ssl/cloudflare.crt;
  ssl_verify_client on;

    location / {
    rewrite ^/api/?(.*) /$1 break;
    proxy_pass https://127.0.0.1:3001; #API Server
    proxy_redirect off;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    }  
}

I'm quite new on NGINX so I aint sure if what I've done is ok or even remotely close to what most would consider good practices.

What I've achieved so far:

  • www.example.com and example.com redirects to project.example.com website by default.
  • and... I used to have the app1 and app2 relatevily working but I don't know what I've messed up that these do not work anymore :(

Anyway, extra things to mention:

  • Environment: AWS EC2 Instance,
  • Certs and DNS: Cloudflare.

Image of DNS declared, and proxied, through Cloudflare

  • Apps: These are Angular apps and I was having problems regarding the child routes such as:
    • project.example.com/app1 -- Was accessible (at some point, not anymore)
    • project.example.com/app1/home -- Would trow a 404 Not found. As far as I know I managed to fix such thing on an Apache Server sometime ago, therefore I guess I can find a similar fix on this case for NGINX.
  • api.example.com -- This one doesn't even gets redirected from www.api.example.com, and I can't get to connect to the API either straight through the endpoints. Throws 502 in the best cases. Sorry for such a long post but wanted to be as clear as possible and thanks a lot for any further help you could give me to achieve these points, really appreciate it.
44
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.