Здравствуйте, занялся настройкой по мотивам статьи:
Динамические домены 3 уровня
В общем то решение простое — т.к. на сайте уже налажена через mod_rewrite работоспособность ссылок вида www.example.com/users/([a-zA-Z_]+) то было принято решение делать рерайт поддоменов через nginx.
- у меня в данном случае по этой части отсутствуют конфигурации с mod_rewrite.
Результат работы конфигов:
Not Found
The requested URL /basic/default/web/ was not found on this server.
Apache/2.4.10 (Debian) Server at default.privet.com Port 80
Nginx:
server {
server_name mysite.com www.mysite.com;
listen 80;
return 301 https://mysite.com$request_uri;
}
server {
server_name ~^(?<level>[a-z0-9\-]+)\.mysite.com$;
listen 80;
pagespeed off;
location / {
proxy_pass http://12.13.14.15:81/basic/$level/web$uri$is_args$args;
proxy_redirect http://12.13.14.15:81/ /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
server_name mysite.com;
listen 443 ssl;
ssl_stapling on;
ssl on;
ssl_certificate /etc/nginx/sert/mysite.com.crt;
ssl_certificate_key /etc/nginx/sert/mysite.com.key;
# ssl_dhparam /etc/pki/nginx/dhparam.pem;
ssl_session_timeout 24h;
ssl_session_cache shared:SSL:2m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers kEECDH+AES128:kEECDH:kEDH:-3DES:kRSA+AES128:kEDH+3DES:DES-CBC3-SHA:!RC4:!aNULL:!eNULL:!MD5:!EXPORT:!LOW:!SEED:!CAMELLIA:!IDEA:!PSK:!SRP:!SSLv2;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000;";
add_header Content-Security-Policy-Report-Only "default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report";
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
pagespeed off;
pagespeed MapOriginDomain "http://localhost" "https://www.mysite.com";
pagespeed LoadFromFile "https://mysite.me" "/www/mysite.com";
access_log /var/log/nginx/access.log;
set $root_path /www/mysite.com/;
location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
root $root_path;
error_page 404 = @fallback;
}
location / {
proxy_pass http://12.13.14.15:81;
proxy_redirect http://12.13.14.15:81/ /;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
location @fallback {
proxy_pass http://12.13.14.15:81;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
}
Apache2:
<Directory /www/mysite.com>
AllowOverride All
</Directory>
<VirtualHost 12.13.14.15:81 >
ServerName mysite.com
DocumentRoot /www/mysite.com/
ServerAdmin mail@mysite.com
ServerAlias www.mysite.com
</VirtualHost>
Простой
Сложный
Средний
