How to config Nginx proxy with SSL with two apps on one EC2?

I have one EC2 Ubuntu server, two Meteor apps, running on different subdomains and different ports (test1.greatdomain.com:8080 & test2.greatdomain.com:8081).

Is there a way to config Nginx proxy with SSL to each? I don’t mind/care what SSL I use – I’ll pay for it if it makes things easier somehow.

I found this Nginx config on the web: https://gist.github.com/apollolm/23cdf72bd7db523b4e1c, would this work?

SO question: https://stackoverflow.com/questions/44771103/how-to-config-nginx-proxy-with-ssl-with-two-apps-on-one-ec2

@aadams,

If you look at our sample nginx conf you will see how SSL is configured. You will obviously duplicate this conf file for your second app (changing the ports of course).

When you create your certificate, you can have different domain names for a single cert and re-use the same, or generate two different ones and use them in your different nginx files.

We use Let’s Encrypt and generate all our domains for a single server so we have a single SSL certificate for all domains and subdomains on that machine.


Forgot to mention, we use tengine and not nginx directly as it comes with load balancer. As DO rolls out a hardware load balancer, we might revert back. That should affect the first few lines (session sticky)


Thanks. This is all on one box, right?

Yes, the conf files and setups are all for one box. You will have to replicate on other boxes when ready and link (shard) the DB’s


So this is what I have:

192.1.1.100 is the EC2 server.

DNS A Record => admin.test.com => 192.1.1.100

DNS A Record => client.test.com => 192.1.1.100

Meteor apps:

mup deploy admin => admin.test.com => port 8080

mup deploy client => client.test.com => port 8081

Nginx /etc/nginx/sites-available:

admin.test.com:

server { server_name admin.test.com; }

client.test.com:

server { server_name client.test.com; }

I can get to admin.test.com:8080, but if just doing admin.test.com, how do I know to get to port 8080?

If I add SSL, I’m even more confused.

I guess what I’m confused about is, if we have only one entry point on the server (either 80 HTTP or 443 HTTPS), from the URL address bar, how can we tell nginx what subdomain we want to go to?

For example, say I want to go to admin.test.com? From outside the server, admin.test.com goes to the same IP as client.test.com. And when we hit the server, say just port 80, the DNS is just resolving both requests to the same IP. The only difference is the port on the server. Shouldn’t we be listening on different ports in the nginx config?

In your example, Nginx is listening on Port 80 for both subdomains (leaving out HTTPS for now):

I don’t know what your DNS A records look like, but these two subdomains are on the same box, so they have the same IP, right?

How does Nginx understand when you type into the URL bar: status.example.org you want to go to that subdomain instead of pm2.example.org if the IP and Port are the same?

Here’s another example I found, maybe the upstream config is important, but I don’t know how…

When I deploy using MUP, my app names are set to “admin” for admin.test.com on port 8080 and “client” for client.test.com on port 8081.

Would my upstream look like this?

upstream app_admin {
  server 127.0.0.1:8080;
}

upstream app_client {
  server 127.0.0.1:8081;
}

How would these upstream configs get tied to my Meteor apps?

Each server block is defined for a domain or domains listening at a particular port. The domains are mentioned after the server_name keyword. Within this block you proxy to the Meteor apps defined in the upstream block.

Nginx understands which URL is being called from the request it is getting. It uses that to handle / route the request. Nginx will listen on two ports which are 80 and 443 (if you follow a normal setup, like you seem to be doing), and handle all requests that come on these two ports.
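As an added example (not part of any post in this thread and not one of the linked configs), here is the name-based routing described above written out for the two apps, with one certificate covering both names. Hostnames, ports and upstream names follow the posts; the certificate paths are placeholders, and stock nginx 1.19.4 or later is assumed for `ssl_reject_handshake`.

```nginx
# Added example. Certificate paths are placeholders (assumption).
# Intended as one file included in the http{} context (e.g. sites-enabled).

upstream app_admin  { server 127.0.0.1:8080; }   # mup app "admin"
upstream app_client { server 127.0.0.1:8081; }   # mup app "client"

# Meteor uses WebSockets, so pass the Upgrade handshake through the proxy.
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}
proxy_http_version 1.1;
proxy_set_header Host              $host;
proxy_set_header Upgrade           $http_upgrade;
proxy_set_header Connection        $connection_upgrade;
proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

# One certificate whose SAN list covers both names, shared by all blocks.
ssl_certificate     /etc/ssl/PLACEHOLDER/fullchain.pem;
ssl_certificate_key /etc/ssl/PLACEHOLDER/privkey.pem;
ssl_protocols       TLSv1.2 TLSv1.3;

# Requests whose Host/SNI matches neither name land here and are dropped,
# instead of being served by whichever server block happens to come first.
server {
    listen 80  default_server;
    listen 443 ssl default_server;
    ssl_reject_handshake on;          # needs nginx >= 1.19.4
    return 444;
}

# Port 80 only redirects the two known names to HTTPS.
server {
    listen 80;
    server_name admin.test.com client.test.com;
    return 301 https://$host$request_uri;
}

# Same IP, same port 443: nginx picks the block by server_name (SNI + Host).
server {
    listen 443 ssl;
    server_name admin.test.com;
    location / { proxy_pass http://app_admin; }
}
server {
    listen 443 ssl;
    server_name client.test.com;
    location / { proxy_pass http://app_client; }
}
```

Ubuntu's stock `default` site also declares `default_server` on port 80 and has to be disabled for this file to load. Ports 8080 and 8081 should stay closed in the EC2 security group so the apps are reachable only through the TLS proxy.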

Looking at the last example again: I can see the proxies:

But the “entry” into the server looks to be sub.domain.org according to the server_name (both 80 & 443). I don’t see in the config how it determines which application to route to… for example, here, how would it go to https://app_geoforce when it looks like sub.domain.org is the entry point?

Also, do the “location” configs need to map to the meteor apps on the file system? In the example above, would path “/pcodes/” need to map to a meteor app on the file system?

And what about the DNS settings. From my domain provider, I’d like to use admin.test.com and client.test.com A Records – yet they would both point to the same IP Address?

Does this example set things up like this?

Anything to https://sub.domain.org/ goes to https://app_geoforce

Anything to https://sub.domain.org/pcodes/ goes to https://app_pcodes