I’m having a problem which I do not know how to solve it. I’ve created a custom NGINX Template, because I want special mappings for my web app.
I have and app running in port 8181 and I want to link it to myapp.com
. I have a special need regarding some host names. I would like that home.myapp.com
take me to the /home endpoint if it has no endpoint selected (root), but also take me to the selected endpoint if set, for example home.myapp.com/any-other-endpoint
should take me to /any-other-endpoint
So this is the relevant part of the nginx template:
server {
listen %ip%:%proxy_ssl_port% ssl http2;
server_name myapp.com www.myapp.com;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
ssl_stapling on;
ssl_stapling_verify on;
error_log /var/log/%web_system%/domains/%domain%.error.log error;
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
location / {
proxy_pass https://%ip%:8181;
location ~* ^.+\.(%proxy_extensions%)$ {
root %sdocroot%;
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass https://%ip%:8181;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
proxy_hide_header Upgrade;
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
}
server {
listen %ip%:%proxy_ssl_port% ssl http2;
server_name home.myapp.com;
ssl_certificate %ssl_pem%;
ssl_certificate_key %ssl_key%;
ssl_stapling on;
ssl_stapling_verify on;
error_log /var/log/%web_system%/domains/%domain%.error.log error;
include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
location ~* ^/(.*)$ {
proxy_pass https://%ip%:8181;
location ~* ^.+\.(%proxy_extensions%)$ {
root %sdocroot%;
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location = / {
proxy_pass https://%ip%:8181/home;
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass https://%ip%:8181;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
proxy_hide_header Upgrade;
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
}
When using it, it works perfectly fine… The problem is with the Let’s Encrypt challenges.
For example, this challenge (editted the final part) works perfectly fine:
https://myapp.com/.well-known/acme-challenge/nakldnu3904ui23nasjd0ajd-ada
But this does not:
https://home.myapp.com/.well-known/acme-challenge/nakldnu3904ui23nasjd0ajd-ada
They should both work in the same way, as per my initial requests, but as they don’t I think maybe my configuration is wrong…
Another thing I don’t understand is that in my app, any unrecognized endpoint should take the user to /login. So for example, myapp.com/unkonwn
redirects me to myapp.com/login
… This is what happens with the not working challenge, it takes me to /login… in a way, that’s is correct… but so, why does the other challenge work? It’s the same app…
One thing I guess is that the non-working challenge URL is taking me to /home/.well-known/acme-challenge/nakldnu3904ui23nasjd0ajd-ada
I hope you can help me clarify this! Thanks in advance!