Installed Jitsi on One Subdomain; Unable To Configure Another App On Another Subdomain (nginx)

I’m running a home server (Ubuntu 20.04) running nginx, and I’m having a bit of a sticky problem. Brackets around [.com] aren’t meant literally – don’t wanna spam links is all!

SETUP : I have a website (call it example[.com] ) hosted on a VPS, somewhere. I’m trying to configure some webapps that are hosted locally, but accessible via the subdomains of example[.com] . I have one already working, as follows: an A-record on example[.com] redirects foo.example[.com] to the WAN IP of my router, which then forwards ports through NAT to my home server (local IP 192.168.1.69) running nginx. The config file foo.example.com.conf gets accessed in /etc/nginx/sites-enabled (via symlink from a conf file in /etc/nginx/sites-available), and, bada bing bada boom, the thing works! It’s a jitsi-meet instance so I can conduct my own videoconferencing.

GOAL : I’m now trying to set up bar.example[.com] to work in the same way with FluxBB, a php-based messageboard service. (I haven’t set up the A-record for bar.example[.com] yet, for obvious reasons.) I got PHP and MySQL installed on the box, made a little database for it – the basic requirements for install. I then downloaded 1.5.11, unzipped it, moved the contents to /usr/www/bar.example.com. Then I moved to /etc/nginx/sites-available, made the extremely barebones config file bar.example.com.conf, I set up a symlink to sites-enabled, reloaded nginx, confirmed that 192.168.1.69 shows the nginx splash screen. The next step for me is to navigate to the version of the website (locally running via nginx) and open install.php from the root directory of the site, to do more config…

PROBLEM : …but the problem is, I don’t know how to get there. I can access install.php from command line on my server machine, but it just prints the php of the webpage I’d like to be visiting — no use to me! So I’d like to access it from my client computer (on the LAN) but bar.example[.com]/install.php automatically resolves via the DNS of example[.com] , and the subdomain requested doesn’t exist yet, so it returns 404. And while http:// 192.168.1.69/install.php returns nothing, https:// 192.168.1.69/install.php throws an invalid cert flag, and if continued through, interprets “install.php” as a room name for jitsi-meet.

Any ideas on how to proceed? Do I truly have to install a command line web browser on my server, or worse, a GUI? I’m going to include the three .conf files (for nginx, jitsi, and the fluxbb). I’m wondering if my jitsi config is interfering with things – hence my posting here. And before I go, thank you all so much for being part of this community and making this software available.

/etc/nginx/nginx.conf

user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
        worker_connections 768;
        # multi_accept on;
}

http {

        ##
        # Basic Settings
        ##

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;

        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ##
        # SSL Settings
        ##

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        ##
        # Gzip Settings
        ##

        gzip on;

        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

        ##
        # Virtual Host Configs
        ##

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}


#mail {
#       # See sample authentication script at:
#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#       # auth_http localhost/auth.php;
#       # pop3_capabilities "TOP" "USER";
#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#       server {
#               listen     localhost:110;
#               protocol   pop3;
#               proxy      on;
#       }
# 
#       server {
#               listen     localhost:143;
#               protocol   imap;
#               proxy      on;
#       }
#}

/etc/nginx/sites-available/bar.example.com.conf

server {
    listen 80;
    listen [::]:80;
    root /var/www/bar.example.com;
    index  index.php index.html index.htm;
    server_name  bar.example.com www.bar.example.com;

    location / {
    try_files $uri $uri/ @rewriteapp;        
    }

    location /install/ {
     try_files $uri $uri/ @rewrite_installapp;
    }

    location ~ \.php(/|$) {
    fastcgi_split_path_info  ^(.+\.php)(/.+)$;
    fastcgi_index            index.php;
    fastcgi_pass             unix:/var/run/php/php7.2-fpm.sock;
    include                  fastcgi_params;
    fastcgi_param   PATH_INFO       $fastcgi_path_info;
    fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    try_files $uri $uri/ /install/app.php$is_args$args;
    }

     location @rewrite_installapp {
      rewrite ^(.*)$ /install/app.php/$1 last;
     }

}

/etc/nginx/sites-available/foo.example.com.conf

server_names_hash_bucket_size 64;

server {
    listen 80;
    listen [::]:80;
    server_name foo.example.com;

    location ^~ /.well-known/acme-challenge/ {
       default_type "text/plain";
       root         /usr/share/jitsi-meet;
    }
    location = /.well-known/acme-challenge/ {
       return 404;
    }
    location / {
       return 301 https://$host$request_uri;
    }
}
server {
    listen 4444 ssl http2;
    listen [::]:4444 ssl http2;
    server_name foo.example.com;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";

    add_header Strict-Transport-Security "max-age=31536000";

    ssl_certificate /etc/letsencrypt/live/foo.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/foo.example.com/privkey.pem;

    root /usr/share/jitsi-meet;

    # ssi on with javascript for multidomain variables in config.js
    ssi on;
    ssi_types application/x-javascript application/javascript;

    index index.html index.htm;
    error_page 404 /static/404.html;

    gzip on;
    gzip_types text/plain text/css application/javascript application/json;
    gzip_vary on;

    location = /config.js {
        alias /etc/jitsi/meet/foo.example.com-config.js;
    }

    location = /external_api.js {
        alias /usr/share/jitsi-meet/libs/external_api.min.js;
    }

    #ensure all static content can always be found first
    location ~ ^/(libs|css|static|images|fonts|lang|sounds|connection_optimization|.well-known)/(.*)$
    {
        add_header 'Access-Control-Allow-Origin' '*';
        alias /usr/share/jitsi-meet/$1/$2;
    }

    # BOSH
    location = /http-bind {
        proxy_pass      http://localhost:5280/http-bind;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $http_host;
    }

    # xmpp websockets
    location = /xmpp-websocket {
        proxy_pass http://127.0.0.1:5280/xmpp-websocket?prefix=$prefix&$args;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        tcp_nodelay on;
    }

    location ~ ^/([^/?&:'"]+)$ {
        try_files $uri @root_path;
    }

    location @root_path {
        rewrite ^/(.*)$ / break;
    }

    location ~ ^/([^/?&:'"]+)/config.js$
    {
       set $subdomain "$1.";
       set $subdir "$1/";

       alias /etc/jitsi/meet/foo.example.com-config.js;
    }

    #Anything that didn't match above, and isn't a real file, assume it's a room name and redirect to /
    location ~ ^/([^/?&:'"]+)/(.*)$ {
        set $subdomain "$1.";
        set $subdir "$1/";
        rewrite ^/([^/?&:'"]+)/(.*)$ /$2;
    }

    # BOSH for subdomains
    location ~ ^/([^/?&:'"]+)/http-bind {
        set $subdomain "$1.";
        set $subdir "$1/";
        set $prefix "$1";

        rewrite ^/(.*)$ /http-bind;
    }

    # websockets for subdomains
    location ~ ^/([^/?&:'"]+)/xmpp-websocket {
        set $subdomain "$1.";
        set $subdir "$1/";
        set $prefix "$1";

        rewrite ^/(.*)$ /xmpp-websocket;
    }
}

hi all! the fix was extremely simple – just needed to set /etc/hosts on my client computer so that the URL I needed directed to my local IP instead of the website. please let me know if I should delete this topic, or if a mod could add [solved] to the title. happy days :slight_smile: