Managing multiple sites from single server using Nginx

info.txt

Short note on how to manage multiple sites with SSL from Nginx

make domainOne.com domainTwo.com file in

/etc/nginx/sites-available

Contents of domainOne.com will look like this once done

server {
        server_name domainOne.com www.domainOne.com;
        root /home/domainOne-com;

        index index.html;
        location / {
                try_files $uri $uri/ =404;
        }

        listen 443 ssl;
        ssl on;
        ssl_certificate /etc/letsencrypt/live/domainOne.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/domainOne.com/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
        if ($host = www.domainOne.com) {
                return 301 https://$host$request_uri;
        } # managed by Certbot

        if ($host = domainOne.com) {
                return 301 https://$host$request_uri;
        } # managed by Certbot
        return 404; # managed by Certbot
}


And contents of domainTwo.com will look like this once done


server {
        server_name domainTwo.com www.domainTwo.com;
        root /home/domainTwo-com;

        index index.html;
        location / {
                try_files $uri $uri/ =404;
        }

        listen 443 ssl;
        ssl on;
        ssl_certificate /etc/letsencrypt/live/domainTwo.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/domainTwo.com/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

server {
        if ($host = www.domainTwo.com) {
                return 301 https://$host$request_uri;
        } # managed by Certbot

        if ($host = domainTwo.com) {
                return 301 https://$host$request_uri;
        } # managed by Certbot

        listen 80;
        listen [::]:80;
#        server_name domainTwo.com www.domainTwo.com;
        return 404; # managed by Certbot
}

Once these files are created, we can enable them with a symbolic link:
ln -s /etc/nginx/sites-available/domainTwo.com /etc/nginx/sites-enabled/domainTwo.com
ln -s /etc/nginx/sites-available/domainOne.com /etc/nginx/sites-enabled/domainOne.com


To Install Let's Encrypt

First, add the repository:
sudo add-apt-repository ppa:certbot/certbot

Install Certbot’s Nginx package with apt:
sudo apt install python-certbot-nginx

Obtaining an SSL Certificate
sudo certbot --nginx -d example.com -d www.example.com
This runs certbot with the --nginx plugin, using -d to specify the names we’d like the certificate to be valid for.

Verifying Certbot Auto-Renewal
sudo certbot renew --dry-run



Confirming Nginx’s Configuration
sudo nginx -t
sudo systemctl reload nginx
or
sudo systemctl restart nginx
sudo systemctl status nginx


Nginx let's encrypt installation notes taken from
https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04

Enable your Server Blocks

When we have server block files, we need to enable them. We can do this by creating symbolic links from these files to the sites-enabled directory, which Nginx reads from during startup.

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/

Reference from DigitalOcean