We Keep Coding

Nginx Redirect hostname+location

my nginx config uses server_name _; to process all domains in a single server{} block and direct them all to the same codebase sitting in a single folder with a single index.php that sorts out the domain routing. (that's the way the web framework works with 100's of domains within a single cluster - cant change this).
One of the sites has 2 domains. One for each language, let's call them example.com and example.net. This site also has language-specific subfolders, let's call them: /com/ and /net/.
I need to create a redirect that ensures the language subfolder is only loaded on the matching domain.
eg, valid requests:
example.com/com/
example.net/net/
Any other request needs to be redirected based on the subfolder:
example.com/net/ -> example.net/net/
example.net/com/ -> example.com/com/
I cant do it with the framework because the folder contains all static files, so the router is never loaded. Can this be done in the nginx config?
Thank you
update, adding simplified version of my config:
server {
listen 80 default_server;
server_name _;
root /my/app/root;
index index.php index.html;
location / {
try_files $uri /index.php;
}
#PHP
location ~ \.php$ {
try_files $uri = 404;
[fastcgi stuff]
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location = /apple-touch-icon.png {
access_log off; log_not_found off;
}
location = /apple-touch-icon-precomposed.png {
access_log off;
log_not_found off;
}
}

I think that you will need 1 location block per subfolder (but have not tested it):
location /com {
proxy_pass http://upstream:8888/com;
proxy_set_header Host example.com;
proxy_pass_request_headers on;
}
location /net {
proxy_pass http://upstream:8888/net;
proxy_set_header Host example.net;
proxy_pass_request_headers on;
}

Solved it...
location /com/ {
if ($host = 'www.example.net') {
return 301 https://www.example.com$request_uri;
}
index index.html;
}
And the reverse for the other location/domain

Nginx Caching for Rest API

I have created a Spring Boot project. I have to cache one Rest API call:
GET localhost:8080/parts
For that I have used nginx. But it is not working : every time I call the API, that call is going to backend. My configuration file is given below.
/usr/local/etc/nginx/nginx.conf
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
error_page 500 502 503 504 /50x.html;
proxy_cache_path /var/log/oms levels=1:2 keys_zone=webcache:10m inactive=1d max_size=2000m;
proxy_cache_min_uses 1;
#upstream backend_server {
# server localhost:8080;
#}
server {
listen 80;
server_name localhost;
location /parts {
proxy_pass http://localhost:8080/parts;
proxy_cache webcache;
}
#location /{
# proxy_pass http://localhost:8080;
# proxy_cache webcache;
#}
}
include servers/*;
}

magento custom admin url redirects to homepage

We just moved to another server, we are using Nginx as webservice
and we are using custom admin url for magento 1.9 like admin.domain.com
I can access magento admin through this url: https://admin.domain.com/index.php/admin
so is there anyway I can access it using this url only admin.domain.com
here it's my nginx config
server {
listen 888.888.888.888:80;
server_name domain.com *.domain.com www.domain.com;
root /home/admin/web/domain.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/domain.com.log combined;
access_log /var/log/nginx/domains/domain.com.bytes bytes;
error_log /var/log/nginx/domains/domain.com.error.log error;
location / {
try_files $uri $uri/ #handler;
expires 30d;
}
location /app/ { deny all; }
location /includes/ { deny all; }
location /lib/ { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/ { deny all; }
location /report/config.xml { deny all; }
location /var/ { deny all; }
location /var/export/ {
auth_basic "Restricted";
auth_basic_user_file htpasswd;
autoindex on;
}
location /. {
return 404;
}
location #handler {
rewrite / /index.php;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
location ~ \.php$ {
try_files $uri =404;
expires off;
fastcgi_read_timeout 900s;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9002;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
location /lib/minify/ {
allow all;
}
gzip on;
gzip_comp_level 6;
gzip_min_length 256;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/domain.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/admin/web/domain.com/stats/;
include /home/admin/web/domain.com/stats/auth.conf*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.domain.com.conf*;
}

Here is what you need to do:
Create two exact servers
Make sure that your files are sync'd (root
/var/www/vhosts/example.com;)
Your admin server will become your master and you can use Lsync to
make sure they are always sync'd
Domain admin.example.com will have one IP and your production server
will have another Ip address
You nginx config files can be identical.
In Magento you will choose custom url for admin and point that URL
To your new admin server
Any files changes and uploads will go to Admin and will get sync'd
to your slave server via the Lsync process.
You can run Redis through ElastiCache or simply run it on the admin
server
You should use RDS for your database server
Store sessions and cache in REDIS
DO NOT SYNC YOUR VAR FOLDER

Nginx Exclude a query string url from being redirected

I am currently redirecting my root domain to a subfolder. However I want to exclude a query string url which is used for an ajax call (www.example.com/?act=12). I am however unsure of how to do this in nginx.
This is my current nginx config file
server {
listen 80;
server_name example.com;
return 301 http://www.example.com$request_uri;
}
server {
listen 80;
server_name www.example.com;
root /var/www/example.com/public;
index index.php index.html;
location = / {
return 301 http://www.example.com/it/;
}
location / {
proxy_pass http://localhost:8080;
include /etc/nginx/proxy_params;
}
location ~* \.(js|css|jpg|jpeg|gif|png|svg|ico|pdf|html|htm)$ {
expires 30d;
}
location ~ /\.ht {
deny all;
}
}
Any help will be appreciated.

That can be achieved by using the evil if block.
The query string arguments are presented as variables with a $arg_ prefix. If you just need to test that act is set, try this:
location = / {
if ($arg_act) {
rewrite ^ /my/ajax/call last;
}
return 301 http://www.example.com/it/;
}
If you need to test for a specific value of $arg_act use the = operator.
See this document for details.

nginx 301 redirect to incorrect vhost

I'm having a 301 redirect issue for multiple sites pointing to our primary site although the intended affected sites are in their own server blocks. If I disable the primary site, the others work as intended, so it seems something in the primary config is trumping the others. Any help would be appreciated.
/etc/nginx/nginx.conf:
user nginx;
worker_processes 8;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 4096;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log /var/log/nginx/access.log;
access_log off;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
client_max_body_size 50M;
client_body_buffer_size 1m;
client_body_timeout 15;
client_header_timeout 15;
keepalive_timeout 2 2;
send_timeout 15;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
fastcgi_buffers 256 16k;
fastcgi_buffer_size 128k;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 120s;
fastcgi_read_timeout 120s;
fastcgi_busy_buffers_size 256k;
fastcgi_max_temp_file_size 0;
reset_timedout_connection on;
server_names_hash_bucket_size 100;
fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache:10m max_size=1000m inactive=60m;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
include /etc/nginx/conf.d/*.conf;
}
This is the vhost conf that appears to be trumping other vhosts. /etc/nginx/conf.d/site1.conf:
server {
listen 10.10.10.1:80;
listen 10.10.10.1:443 ssl;
server_name ^site1\.org$ ^www\.site1\.org$ ^old\.site1domain\.org$;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
keepalive_timeout 70;
root /var/www/vhosts/site1.org/httpdocs;
index index.php;
client_max_body_size 128M;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php-fpm/site1.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include /etc/nginx/fastcgi_params;
include /etc/nginx/fastcgi.conf;
open_file_cache max=4000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
}
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
if ($scheme != "https") {
rewrite ^ https://site1.org$uri permanent;
}
if ($host != "site1.org") {
rewrite ^ https://site1.org$uri permanent;
}
#wp-super-cache
....
location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp)$ {
expires max;
}
}
Phew. OK, here is an example of a different vhost config, which does not seem to be answering requests (instead, i get a 301 to the vhost above, with or without the redirects commented out).
/etc/nginx/conf.d/site2.conf:
server {
listen 10.10.10.1:80;
server_name ^sub1\.site2\.org$;
allow all;
proxy_redirect / http://10.10.10.1:6969;
location / {
proxy_pass http://10.10.10.1:6969;
}
}
However, for some reason, this SSL proxy works as intended (on different IP):
/etc/nginx/conf.d/site3.conf:
server {
listen 10.10.10.2:443 ssl;
server_name ^sub3\.site1\.org$;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
allow all;
proxy_redirect / http://sub3.site1.org:80/;
location / {
proxy_pass http://sub3.site1.org:80/;
}
proxy_set_header Host $http_host;
}
Here is what I get when I attempt to connect to http://sub1.site2.org:
[c09 79] /etc/nginx/conf.d # wget {sub1.site2.url}
--2015-11-25 09:09:28-- {sub1.site2.url}
Resolving sub1.site2.org... 10.10.10.1
Connecting to sub1.site2.org|10.10.10.1|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: {site1.url} [following]
and so on...
Thanks in advance.

Your server_name directives are all invalid so none of them match. So nginx uses the first server container as the default and processes all requests through that.
It then hits your rewrite ^ https://site1.org$uri permanent; conditional rewrite.
If you must use regex in your server_names (although it's less efficient unless you really need it), you must prefix the name with ~. Otherwise, just use the plain name.
server_name site1.org www.site1.org old.site1domain.org;
See this document for details.