|
|
|
|
|
|
by merpkz
436 days ago
|
|
|
I got something similar running with nginx myself with purpose of getting access to my internal services from outside. The main idea here is that internal services are not on same machine this nginx is running on, so it will pass around to needed server in internal network. It goes like this: server_name ~^(?<service>(?:lubelogger|wiki|kibana|zabbix|mail|grafana|git|books|zm))\.domain\.example$;
location / {
resolver 127.0.0.1;
include proxy.conf;
proxy_set_header Authorization "";
proxy_set_header Host $service.internal;
proxy_set_header Origin http://$service.internal;
proxy_redirect http://$proxy_host/ /;
proxy_pass http://$service.internal;
}
Basically any regex matched subdomain is extracted and resolved as $service.internal and proxy passed to it. For this to work, of course any new service has to be registered in internal DNS. Adding whitelisted IPs and basic auth is also a good idea ( which I have, just removed from example ). |
|
|