server1 (main)
upstream debian {
server 172.168.10.3:666;
}
server {
listen 80;
server_name wwwwwwwwwwwwwwwwwwwww.com;
location / {
proxy_pass http://debian/;
proxy_http_version 1.1;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server2 (sub)
server {
listen 666 default_server;
listen [::]:666 default_server;
root /path/to/www;
index index.html;
server_name localhost 127.0.0.1 172.168.10.3;
location / {
allow 172.168.10.4;
deny all;
root /path/to/www;
index index.html;
try_files $uri $uri/ =404;
}
}
If error
# tail -f /var/log/nginx/error_log
2025/04/24 20:33:20 [crit] 2929#2929: *7 stat() "/path/to/www/" failed (13: Permission denied), client: 172.168.10.4, server: localhost, request: "GET / HTTP/1.1", host: "wwwwwwwwwwwwwwwwwwwww.com"
Check
# sudo -u www-data stat /path/to/www
stat: cannot statx '/path/to/www': Permission denied
# ls -al
drwxr-xr-x 3 root root 4096 Apr 24 17:01 to
Then
# sudo groupadd www-data
# sudo adduser www-data www-data
Adding user `www-data' to group `www-data' ...
Done.
# sudo chmod -R 770 /path/to/www
# sudo chown -R www-data:www-data /path/to/www
# sudo chown -R www-data:www-data /path/to
# sudo chown -R www-data:www-data /path
It works!