본문 바로가기
서버

nginx - SSL 도메인 별로 다르게 적용하기

탐훈 2025. 9. 29. 18:39
728x90

1. 두개 도메인의 SSL 얻기

 

sudo certbot certonly --standalone -d 도메인1
sudo certbot certonly --standalone -d 도메인2

 

 

2. nginx conf 파일 수정하기

 

도메인1 전용과

도메인2 전용을

 

server_name 값으로 확인하여 

따로 SSL을 적용한다.

 

# 도메인1 전용
server {
    listen 443 ssl;
    server_name 도메인1;

    ssl_certificate /etc/nginx/fullchain.pem;
    ssl_certificate_key /etc/nginx/privkey.pem;

    # Frontend
    location / {
        proxy_pass http://172.19.0.5:3000;  # Next.js container
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Backend (Spring Boot)
    location /api/ {
        proxy_pass http://172.19.0.6:30000;  # Spring Boot backend container
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
    
   location /uploads/ {
      proxy_pass http://172.19.0.6:30000;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      add_header Cache-Control "public, max-age=86400";
    }
}

server {
    listen 80;
    server_name 도메인1;

    location / {
        return 301 https://$host$request_uri;
    }
}


#도메인2전용
server {
    listen 443 ssl;
    server_name 도메인2;

    ssl_certificate /etc/nginx/fullchain.pem;
    ssl_certificate_key /etc/nginx/privkey.pem;

    # Frontend (Next.js)
    location / {
        proxy_pass http://172.19.0.5:3000;  # Next.js container
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    # Backend (Spring Boot)
    location /api/ {
        proxy_pass http://172.19.0.6:30000;  # Spring Boot backend container
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
    
   location /uploads/ {
      proxy_pass http://172.19.0.6:30000;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      add_header Cache-Control "public, max-age=86400";
    }
}

server {
    listen 80;
    server_name 도메인2;

    location / {
        return 301 https://$host$request_uri;
    }
}

'서버' 카테고리의 다른 글

nginx - Permission Denied 에러  (0) 2025.10.04
시놀로지 자바설치  (0) 2025.10.03
nginx - Port Forwarding 서버 구조에서 Let's encrypt SSL 안되는 현상  (0) 2025.09.29
ssl 적용 대상인지 확인  (0) 2025.09.29
[홈서버 router 셋팅] - Mikrotik 앱으로 라우터 연결하는 방법 (mikrotic - rg750gr3)  (0) 2025.09.25

'서버' Related Articles

티스토리툴바