←back to thread

.localhost Domains

(inclouds.space)
301 points todsacerdoti | 4 comments | 10 Apr 25 14:19 UTC | HN request time: 0.204s | source
1. sigil ◴[10 Apr 25 16:41 UTC] No.43645675[source]
This nginx local dev config snippet is one-and-done:

  # Proxy to a backend server based on the hostname.
  if (-d vhosts/$host) {
    proxy_pass http://unix:vhosts/$host/server.sock;
    break;
  }
Your local dev servers must listen on a unix domain socket, and you must drop a symlink to them at eg /var/lib/nginx/vhosts/inclouds.localhost/server.sock.

Not a single command, and you still have to add hostname resolution. But you don't have to programmatically edit config files or restart the proxy to stand up a new dev server!

replies(2): >>43646370 #>>43647735 #
2. ku1ik ◴[10 Apr 25 17:48 UTC] No.43646370[source]
This is neat!
3. hn92726819 ◴[10 Apr 25 20:26 UTC] No.43647735[source]
I'm not that familiar with nginx config. Does this protect against path traversal? Ex: host=../../../docker.sock
replies(1): >>43647790 #
4. sigil ◴[10 Apr 25 20:34 UTC] No.43647790[source]
nginx validates hostnames per the spec, and to your question specifically it rejects requests that would put a slash in $host: https://github.com/nginx/nginx/blob/b6e7eb0f5792d7a52d2675ee...