DEV Community

S.M. Khalid Mahmud
S.M. Khalid Mahmud

Posted on • Edited on

How to accessible multiple services via different domain or subdomain in DO droplet by Nginx

First, ensure that Nginx is installed on droplet. If it’s not installed, then install it using:

sudo apt update
sudo apt install nginx
Enter fullscreen mode Exit fullscreen mode

Before configuring Nginx, the firewall needs to be adjusted to allow access to the service. Nginx registers itself as a service with ufw upon installation, making it straightforward to allow Nginx access.

You can show ufw app list by typing:

sudo ufw app list
Enter fullscreen mode Exit fullscreen mode

Then enable Nginx by typing:

sudo ufw allow 'Nginx Full'
Enter fullscreen mode Exit fullscreen mode

Now, you can verify the change by typing:

sudo ufw status
Enter fullscreen mode Exit fullscreen mode

To avoid a possible hash bucket memory problem that can arise from adding additional server names, it is necessary to adjust a single value in the /etc/nginx/nginx.conf file. Open the file using:

sudo nano /etc/nginx/nginx.conf
Enter fullscreen mode Exit fullscreen mode

And, find the server_names_hash_bucket_size directive and remove the # symbol to uncomment the line.

Here you will need to SSL/TLS Certificate also, so you need for that Let’s Encrypt using:

sudo apt update
sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d example.com -d www.example.com
Enter fullscreen mode Exit fullscreen mode

To automatically renew SSL/TLS certificates obtained with Let’s Encrypt using Certbot, you can set up a cron job.

sudo crontab -e
Enter fullscreen mode Exit fullscreen mode

Then add this line at the bottom: 0 0,12 * * * certbot renew --quiet

Now, you need to create an Nginx configuration file for each service after successful all steps. Each configuration file will handle requests for a specific domain or subdomain and proxy them to the appropriate Docker container.

Assuming you have a Next.js project running on port 3000, and you want to serve it on example.com, then you can create a configuration file like -

sudo nano /etc/nginx/sites-available/example.com
Enter fullscreen mode Exit fullscreen mode

And add below blocks on this file :

server {
  listen 80;
  listen [::]:80;
  server_name example.com www.example.com;

  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name example.com www.example.com;

  ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-CCM:ECDHE-RSA-AES256-CCM:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384';
  ssl_prefer_server_ciphers on;

  location / {
    proxy_pass http://localhost:3000;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Host $host;
  }
}
Enter fullscreen mode Exit fullscreen mode

If you have multiple service, you can create additional configuration files, for example:
/etc/nginx/sites-available/service1.example.com
/etc/nginx/sites-available/service2.example.com

Each file will have a similar structure, just make sure to replace the server_name and proxy_pass with appropriate values.

Also must be linked your configuration files with /etc/nginx/sites-enabled/ to enable them:

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/service1.example.com /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/service2.example.com /etc/nginx/sites-enabled/
Enter fullscreen mode Exit fullscreen mode

Note: Always test your Nginx configuration before restarting:

sudo nginx -t
Enter fullscreen mode Exit fullscreen mode

If the test is successful, restart Nginx to apply the changes:

sudo systemctl restart nginx
Enter fullscreen mode Exit fullscreen mode

Top comments (0)