“冲突的服务器名称”,nginx有两个默认/ catchall位置 - 一个是default_server,一个没有?

时间:2014-12-30 01:53:05

标签: nginx

我在这里结束了我的智慧。我已经打了几个小时的nginx配置。以下是我正在尝试使用的两个块:

server {
    listen 80 default_server;
    location /health-check {
        default_type 'text/plain';
        access_log off;
        return 200;
    }
}

server {
    listen 80;
    location / {
        return 301 https://$http_host$request_uri;
    }
}

# other application servers/upstreams follow -- one is provided here for completeness,
# although the issue is almost certainly above

upstream quinoa-icehouse {
    server 172.17.8.100:49153;

}

server {
    server_name ~^quinoa-icehouse\.(?<domain>.+)$;
    server_name_in_redirect off;
    port_in_redirect off;


    listen 443 ssl spdy;
    listen 80;
    ssl_certificate /etc/ssl/deis.cert;
    ssl_certificate_key /etc/ssl/deis.key;

    location / {

        proxy_buffering             off;
        proxy_set_header            Host $host;

        proxy_set_header            X-Forwarded-Proto $scheme;

        proxy_set_header            X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_redirect              off;
        proxy_connect_timeout       30s;
        proxy_send_timeout          1200s;
        proxy_read_timeout          1200s;
        proxy_http_version          1.1;
        proxy_set_header            Upgrade           $http_upgrade;
        proxy_set_header            Connection        $connection_upgrade;

        proxy_next_upstream         error timeout http_502 http_503 http_504;

        add_header                  X-Deis-Upstream   $upstream_addr;

        proxy_pass                  http://quinoa-icehouse;
    }
}

请注意,我希望/health-check端点仅在其他服务器名称不匹配时才起作用,但我希望只要匹配服务器名称就会发生301

我似乎已经尝试过这些指令的每个组合,只是为了得到:

[INFO] - 2014/12/30 01:26:34 [warn] 39#0: conflicting server name "" on 0.0.0.0:80, ignored

我有办法完成我所寻求的目标吗?谢谢!!

1 个答案:

答案 0 :(得分:2)

基本上,你要走出Nginx&#39;定义的参数。您不能将两个默认服务器块相互坐在一起。

然而,您可以通过定义:

来实现您的需求
  1. 捕获所有阻止端口80的块以将所有请求重定向到端口443
  2. 捕获所有块,侦听所有不匹配域的端口443

    3. 然后您需要确保以下内容:

    1. 删除&#34; default_server&#34;指令并依赖于服务器块的位置,如示例答案
      2. 中所示
    2. 确保其他应用程序服务器/上游仅侦听端口443.

      3. 所以你的配置应该是这样的:

      http {

    [ ... ]

    # Default to redirect from Port 80 to Port 443
    server {
        listen 80;
        return 301 https://$host$request_uri;
    }
    # Default for unmatched domains on Port 443
    server {
        listen 443 ssl spdy;
        ssl_certificate /etc/ssl/someCert.cert;
        ssl_certificate_key /etc/ssl/someKey.key;
        # Return 403, 404 or 444
        return 403;
    }

    # Other servers.
    # 1. These must be below this for this configuration to work.
    # 2. None should listen on Port 80
    server {
        server_name ABC
        listen 443 ssl spdy;
        ssl_certificate /etc/ssl/someCert.cert;
        ssl_certificate_key /etc/ssl/someKey.key;

        [ ... ]

    }
    server {
        server_name XYZ
        listen 443 ssl spdy;
        ssl_certificate /etc/ssl/someCert.cert;
        ssl_certificate_key /etc/ssl/someKey.key;

        [ ... ]

    }
}

      请参阅:Why is nginx responding to any domain name?

      另请注意,对于只返回简单响应的简单服务器块,您不需要拥有位置块。

相关问题
最新问题