Created
September 4, 2019 09:21
-
-
Save malkitsingh/946657841b00c18585c06ca84b92b629 to your computer and use it in GitHub Desktop.
Managing multiple sites from single server using Nginx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Short note on how to manage multiple sites with SSL from Nginx | |
make domainOne.com domainTwo.com file in | |
/etc/nginx/sites-available | |
Contents of domainOne.com will look like this once done | |
server { | |
server_name domainOne.com www.domainOne.com; | |
root /home/domainOne-com; | |
index index.html; | |
location / { | |
try_files $uri $uri/ =404; | |
} | |
listen 443 ssl; | |
ssl on; | |
ssl_certificate /etc/letsencrypt/live/domainOne.com/fullchain.pem; # managed by Certbot | |
ssl_certificate_key /etc/letsencrypt/live/domainOne.com/privkey.pem; # managed by Certbot | |
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | |
} | |
server { | |
if ($host = www.domainOne.com) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
if ($host = domainOne.com) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
return 404; # managed by Certbot | |
} | |
And contents of domainTwo.com will look like this once done | |
server { | |
server_name domainTwo.com www.domainTwo.com; | |
root /home/domainTwo-com; | |
index index.html; | |
location / { | |
try_files $uri $uri/ =404; | |
} | |
listen 443 ssl; | |
ssl on; | |
ssl_certificate /etc/letsencrypt/live/domainTwo.com/fullchain.pem; # managed by Certbot | |
ssl_certificate_key /etc/letsencrypt/live/domainTwo.com/privkey.pem; # managed by Certbot | |
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | |
} | |
server { | |
if ($host = www.domainTwo.com) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
if ($host = domainTwo.com) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
listen 80; | |
listen [::]:80; | |
# server_name domainTwo.com www.domainTwo.com; | |
return 404; # managed by Certbot | |
} | |
Once these files are created, we can enable them with a symbolic link: | |
ln -s /etc/nginx/sites-available/domainTwo.com /etc/nginx/sites-enabled/domainTwo.com | |
ln -s /etc/nginx/sites-available/domainOne.com /etc/nginx/sites-enabled/domainOne.com | |
To Install Let's Encrypt | |
First, add the repository: | |
sudo add-apt-repository ppa:certbot/certbot | |
Install Certbot’s Nginx package with apt: | |
sudo apt install python-certbot-nginx | |
Obtaining an SSL Certificate | |
sudo certbot --nginx -d example.com -d www.example.com | |
This runs certbot with the --nginx plugin, using -d to specify the names we’d like the certificate to be valid for. | |
Verifying Certbot Auto-Renewal | |
sudo certbot renew --dry-run | |
Confirming Nginx’s Configuration | |
sudo nginx -t | |
sudo systemctl reload nginx | |
or | |
sudo systemctl restart nginx | |
sudo systemctl status nginx | |
Nginx let's encrypt installation notes taken from | |
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Enable your Server Blocks
When we have server block files, we need to enable them. We can do this by creating symbolic links from these files to the sites-enabled directory, which Nginx reads from during startup.
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
Reference from DigitalOcean