NGINX + Lets Encrypt + Subdomains

Issues related to applications and software problems
Post Reply
User avatar
signalsout
Posts: 4
Joined: 2020/02/05 23:01:23
Location: Earth
Contact:

NGINX + Lets Encrypt + Subdomains

Post by signalsout » 2020/02/05 23:06:16

I'm having issues figuring out how to create subdomains with nginx and lets encrypt.

Code: Select all

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user www-data;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /var/www/html/vastspace.ca;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /var/www/html/vastspace.ca;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }



    server {
    server_name blog.vastspace.ca www.vastspace.ca social.vastspace.ca pixel.vastspace.ca files.vastspace.ca vastspace.ca; # managed by Certbot
        root         /var/www/html/vastspace.ca;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/vastspace.ca/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/vastspace.ca/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot











}

    server {
    if ($host = pixel.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = blog.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = social.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = files.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = www.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen       80 ;
        listen       [::]:80 ;
    server_name blog.vastspace.ca www.vastspace.ca social.vastspace.ca pixel.vastspace.ca files.vastspace.ca vastspace.ca;
    return 404; # managed by Certbot












}}

This is my conf file for nginx. I have tried to create a file in conf.d for files.vastspace.ca.conf that look like this.

Code: Select all

## Virtual Host - files.vastspace.ca
server {
    listen       80;
    listen  [::]:80;
    server_name  files.vastspace.ca;
    root /var/www/html/files.vastspace.ca;
    index index.html index.htm index.php;
#}
#server {
#    server_name files.vastspace.ca;  
#    listen [::]:443 ssl ipv6only=on; # managed by Certbot
#    listen 443 ssl; # managed by Certbot
#    ssl_certificate /etc/letsencrypt/live/vastspace.ca/fullchain.pem; # managed by Certbot
#    ssl_certificate_key /etc/letsencrypt/live/vastspace.ca/privkey.pem; # managed by Certbot
#    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
#    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot#
##
#
#  root /var/www/html/files.vastspace.ca;
#  index index.html index.htm index.php;
#  location / {
#    try_files $uri $uri/ =404;
#  }
#}
I have a few other subdomains I would like to configure as well.

Any ideas?

Thanks,
Nate
------------------
Fortune favours the brave.

User avatar
signalsout
Posts: 4
Joined: 2020/02/05 23:01:23
Location: Earth
Contact:

Re: NGINX + Lets Encrypt + Subdomains

Post by signalsout » 2020/02/06 19:50:22

------------------
Fortune favours the brave.

User avatar
signalsout
Posts: 4
Joined: 2020/02/05 23:01:23
Location: Earth
Contact:

Re: NGINX + Lets Encrypt + Subdomains

Post by signalsout » 2020/02/07 01:10:03

Code: Select all

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user www-data;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;
###Vastspace.ca
    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  vastspace.ca;
        root         /var/www/html/vastspace.ca;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
###Files.vastspace.ca
    server {
	listen       80;
        listen       [::]:80;
        server_name  files.vastspace.ca;
        root         /var/www/html/files.vastspace.ca;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

	error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }


# Settings for a TLS enabled server.
#
#    server {
#        listen       443 ssl http2 default_server;
#        listen       [::]:443 ssl http2 default_server;
#        server_name  _;
#        root         /var/www/html/vastspace.ca;
#
#        ssl_certificate "/etc/pki/nginx/server.crt";
#        ssl_certificate_key "/etc/pki/nginx/private/server.key";
#        ssl_session_cache shared:SSL:1m;
#        ssl_session_timeout  10m;
#        ssl_ciphers HIGH:!aNULL:!MD5;
#        ssl_prefer_server_ciphers on;
#
#        # Load configuration files for the default server block.
#        include /etc/nginx/default.d/*.conf;
#
#        location / {
#        }
#
#        error_page 404 /404.html;
#            location = /40x.html {
#        }
#
#        error_page 500 502 503 504 /50x.html;
#            location = /50x.html {
#        }
#    }


###Vastspace.ca
    server {
    server_name www.vastspace.ca vastspace.ca; # managed by Certbot
        root         /var/www/html/vastspace.ca;

        # Load configuration files for the default server block.
        #include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/vastspace.ca/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/vastspace.ca/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
###files.vastspace.ca
    server {
    server_name files.vastspace.ca; # managed by Certbot
        root         /var/www/html/files.vastspace.ca;

        # Load configuration files for the default server block.
        #include /etc/nginx/default.d/*.conf;

        location / {
        }

	error_page 404 /404.html;
            location = /40x.html {
        }

	error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/vastspace.ca/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/vastspace.ca/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}


##########################################################
    server {
    if ($host = pixel.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = blog.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = social.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = files.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = www.vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = vastspace.ca) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen       80 ;
        listen       [::]:80 ;
    server_name blog.vastspace.ca www.vastspace.ca social.vastspace.ca pixel.vastspace.ca files.vastspace.ca vastspace.ca;
    return 404; # managed by Certbot












}}

Code: Select all

Unit nginx.service has begun starting up.
Feb 07 01:04:28 www nginx[20856]: nginx: [emerg] duplicate listen options for [::]:443 in /etc/nginx/nginx.conf:158
Feb 07 01:04:28 www nginx[20856]: nginx: configuration file /etc/nginx/nginx.conf test failed
Feb 07 01:04:28 www sudo[20843]: pam_unix(sudo:session): session closed for user root
Feb 07 01:04:28 www systemd[1]: nginx.service: control process exited, code=exited status=1
Feb 07 01:04:28 www polkitd[962]: Unregistered Authentication Agent for unix-process:20845:6419698 (system bus name :1.322, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (dis
Feb 07 01:04:28 www systemd[1]: Failed to start The nginx HTTP and reverse proxy server.
-- Subject: Unit nginx.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit nginx.service has failed.

Code: Select all

    listen 443 ssl; # managed by Certbot
Ok, So I can get subdomains loaded on 80. It was the default server string that was messing me up but I am still having issues with SSL.
------------------
Fortune favours the brave.

User avatar
signalsout
Posts: 4
Joined: 2020/02/05 23:01:23
Location: Earth
Contact:

Re: NGINX + Lets Encrypt + Subdomains

Post by signalsout » 2020/02/07 01:28:38

listen [::]:443 ssl ipv6only=on;

remove ipv6only=on so its

listen [::]:443 ssl

I now have subdomains.
------------------
Fortune favours the brave.

Post Reply

Return to “CentOS 7 - Software Support”