0

I want: if ANY site not found in (Hestia 192.168.0.37 server) then redirected (Nginx proxy manager 192.168.0.36)

Given:

  1. Hestia server 192.168.0.37
  2. Nginx proxy manager 192.168.0.36
  3. Site for test testsite.com (created in Nginx proxy manager) (Hestia not have any records)
  4. hestia posrts:
#netstat -nt4ulp | grep nginx
tcp        0      0 0.0.0.0:80 LISTEN /nginx: mast 
tcp        0      0 0.0.0.0:443 LISTEN /nginx: mast 
tcp        0      0 0.0.0.0:8083 LISTEN/nginx: master  
tcp        0      0 127.0.0.1:8084 LISTEN /nginx: mast 
#netstat -nt4ulp | grep apache
tcp        0      0 192.168.0.37:8443 LISTEN /apache2     
tcp        0      0 192.168.0.37:8080 LISTEN /apache2     
tcp        0      0 127.0.0.1:8081 LISTEN /apache2

========================================================================

I try:

edit /etc/nginx/conf.d/192.168.0.37.conf

server {
    listen 80 default_server;
    server_name _;
    
    location / {
        proxy_pass http://192.168.0.36:80;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

server {
    listen 443 ssl default_server;
    server_name _;
    
        ssl_certificate     /usr/local/hestia/ssl/certificate.crt;
        ssl_certificate_key /usr/local/hestia/ssl/certificate.key;

    
    location / {
        proxy_pass https://192.168.0.36:443;
        proxy_set_header X-Real-IP $remote_addr;
    }
}

========================================================================

I try

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 15 Sep 2023 17:54:48 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://testsite.com/

and see page from (Hestia server 192.168.0.37) DocumentRoot /var/www/html/index.html from /etc/apache2/conf.d/192.168.0.37.conf

Listen 192.168.0.37:8443
Listen 192.168.0.37:8080
<VirtualHost 192.168.0.37:8080>
    ServerName 192.168.0.37
    DocumentRoot /var/www/html2/
    Alias /error/ /var/www/document_errors/

</VirtualHost>

<VirtualHost 192.168.0.37:8443>
    ServerName 192.168.0.37
    DocumentRoot /var/www/html/
    Alias /error/ /var/www/document_errors/

    SSLEngine on
    SSLVerifyClient none
    SSLCertificateFile         /usr/local/hestia/ssl/certificate.crt
    SSLCertificateKeyFile      /usr/local/hestia/ssl/certificate.key

</VirtualHost>

why, how fix?

Improve this question
2
  • You are passing every webpage on 192.168.0.37 to 192.168.0.36
    – George Y
    Sep 16 at 4:23
  • ...maybe not....nginx is connecting to ports 80 & 443 but apache is listening on ports 8443 and 8080 ?
    – symcbean
    Sep 19 at 16:55

1 Answer 1

Reset to default
0

This should be a comment, but it's a bit long.

I don't know what you are asking here.

If you are terminating the SSL on the nginx server, then either you have an absolute monster of an SSL certificate, or you have every site configured as a separate server{...} in nginx.

and see page from (Hestia server 192.168.0.37)

Yes, that is exactly what I'd expect from this configuration. You asked for http[s]://192.168.0.36 you got http[s]://192.168.0.36

If you want to preserve the behaviour for https://192.168.0.36 (which is not accessible outside the subnet) while adding a new behaviour for the unknown vhosts then you need a DNS record or hosts entry on the proxy with a new name, and a corresponding virtual host in apache.

Alternatively, since any sane person would not try to operate multiple sites off the same certificate, is to just return a redirect from the default server in nginx.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .