How to point cname to nginx server that uses reverse-proxy [closed]
I've got a server using wildcard subdomains. I'm using nuxtjs, nginx that runs on a reverse proxy on port 3000. Every user should be able to create a subdomain on the site, for example subdomain.learnbot.tk; this will then point to learnbot.tk/school/{subdomain-name}. Every user should be able to create a cname that points to their own subdomain.learnbot.tk.
But when I create a CNAME record with host as @ and target as subdomain.learnbot.tk using domain name https://creatorbrandedsite.tk/ it returns 404.
Here's my conf file for wildcard subdomains:
server {
    listen 80;
    server_name *.learnbot.tk;
    # $host keeps the requested subdomain; $server_name would expand to the literal "*.learnbot.tk"
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    #include snippets/ssl-example.com.conf;
    #include snippets/ssl-params.conf;
    ssl_certificate /etc/letsencrypt/live/learnbot.tk/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/learnbot.tk/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    root /home/subdomain/learnbot.tk/public/current;
    index index.php index.html index.htm index.nginx-debian.html;
    server_name *.learnbot.tk;
    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
    location /blog {
        try_files $uri $uri/ /index.php$is_args$args;
    }
    # For Lets Encrypt certbot
    location ~ /.well-known {
        allow all;
    }
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }
    location ~ /\.ht {
        deny all;
    }
    location /favicon.ico { alias /var/www/html/example/favicon.ico; }
    location = /favicon.ico { log_not_found off; access_log off; }
    location = /robots.txt { log_not_found off; access_log off; allow all; }
}
nuxtjs conf file for main domain
server {
    index index.html;
    server_name learnbot.tk www.learnbot.tk;
    location / {
        # WARNING: https in proxy_pass does NOT WORK!! I spent half a day debugging this.
        #proxy_pass https://localhost:4001;
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
    error_page 404 /custom_404.html;
    location = /custom_404.html {
        root /etc/nginx/sites-available/custom_nginx_error_pages;
        internal;
    }
    listen [::]:443 ssl http2; # managed by Certbot, modified by Kunal to add http2
    listen 443 ssl http2; # managed by Certbot, modified by Kunal to add http2
    #Install SSL certificates and configure https:// on a per-domain-basis by running:
    #sudo certbot --nginx
    #(when prompted, be sure to select the option to set up redirects from http to https and effectively "disable" http)
    ssl_certificate /etc/letsencrypt/live/learnbot.tk/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/learnbot.tk/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    server_name learnbot.tk;
    if ($host = learnbot.tk) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    listen 80;
    listen [::]:80;
    return 404; # managed by Certbot
}
When you are requesting https://creatorbrandedsite.tk/, the following events happen:
- Browser queries DNS information for creatorbrandedsite.tk.
- It receives CNAME response, and proceeds to look up subdomain.learnbot.tk A record.
- It connects to IP address for subdomain.learnbot.tk.
- It requests domain creatorbrandedsite.tk from your nginx server.
Your server's default virtual host configuration then returns 404 not found to the request.
DNS CNAME record is only used for resolving the destination IP address. It is not used for selecting the actual virtual host where browser connects.
You need to reconsider your approach on the issue.
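The sequence described in the answer above, as an added example that is not part of the original question or answer: a simplified Python model of CNAME resolution followed by nginx server-block selection (exact names and leading `*.` wildcards only; regex names are omitted). The IP address, the block labels and the block order are assumptions made up for illustration.

```python
# Constructed DNS data; 203.0.113.10 is a documentation address (assumption).
DNS = {
    "creatorbrandedsite.tk": ("CNAME", "subdomain.learnbot.tk"),
    "subdomain.learnbot.tk": ("A", "203.0.113.10"),
}

# The question's server blocks as (label, port, server_name list, default_server).
# Labels and ordering are hypothetical; names and ports come from the configs.
SERVERS = [
    ("wildcard-http", 80, ["*.learnbot.tk"], False),
    ("wildcard-https", 443, ["*.learnbot.tk"], True),
    ("main-https", 443, ["learnbot.tk", "www.learnbot.tk"], False),
    ("main-http", 80, ["learnbot.tk"], False),
]

def resolve(name):
    """Follow CNAME records until an A record yields the IP address."""
    for _ in range(8):  # bound the chain length
        rtype, value = DNS[name]
        if rtype == "A":
            return value
        name = value
    raise ValueError("CNAME chain too long")

def select_server(port, host):
    """Pick a block the way nginx does, simplified: exact name, then the
    longest "*." wildcard, then the port's default_server (or first block)."""
    host = host.lower().rstrip(".")
    blocks = [s for s in SERVERS if s[1] == port]
    for label, _, names, _ in blocks:
        if host in names:
            return label, "exact"
    wild = [(len(n), label) for label, _, names, _ in blocks
            for n in names if n.startswith("*.") and host.endswith(n[1:])]
    if wild:
        return max(wild)[1], "wildcard"
    defaults = [label for label, _, _, d in blocks if d]
    return (defaults[0] if defaults else blocks[0][0]), "default"

def request(url_host, port=443):
    """DNS decides the IP; the name in the URL (Host header) decides the block."""
    label, how = select_server(port, url_host)
    return resolve(url_host), label, how

if __name__ == "__main__":
    for h in ("subdomain.learnbot.tk", "creatorbrandedsite.tk"):
        print(h, request(h))
```

For creatorbrandedsite.tk the match type is "default": the name matched no server_name, and `proxy_set_header Host $host` forwards that name, not subdomain.learnbot.tk, to the app on port 3000.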