So, the rant server is slowly getting moved over to my new Xen/Enomalism based, s00per chr00ted nginx/fastcgi installation. Everything is going rather well. Safe mode didn't break anything (so far), and smf forum was a breeze to set up again.

One neat thing I started working on was wildcard DNS based subdomains. Rant has a LOAD of different domains, all living in subdomains of the main vhost. The old method was a bunch of different vhost definitions, but since I didn't feel like re-entering them in the new nginx method, I figured I would come up with a better way.

More after the break...

The new way is like this: if the domain is a subdomain of YOURDOMAIN.COM, ie: foo.YOURDOMAIN.COM, the vhost basedir is derived from the host name. This means that in the folder /your/vhost/path/YOURDOMAIN.COM contains a folder called foo.YOURDOMAIN.COM (nginx automagically fixes upper case domains, btw), which is the webroot for your new domain name. The other nice thing here is you can have "virtual" mirroring, with YOURDOMAIN/foo.YOURDOMAIN.COM and foo.yourdomain.com being the same exact codebase.

NGINX makes this ridiculously easy. VHOST file ( /PATH/TO/NGINX/conf/vhosts/20_your_wildcard_domain.conf )looks like this:

    server {
        # Replace this port with the right one for your requirements
        listen       80;  #could also be 1.2.3.4:80

        # Multiple hostnames seperated by spaces.  Replace these as well.
        server_name  star.yourdomain.com *.yourdomain.com www.*.yourdomain.com;  
        root /PATH/TO/yourdomain.com/$host;
        error_page  404              http://yourdomain.com/errors/404.html;
        access_log  logs/star.yourdomain.com.access.log;
        location / {
            root   /PATH/TO/yourdomain.com/$host/;
            index  index.php;
        }

        # serve static files directly
        location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|html)$ {
            access_log        off;
            expires           30d;
        }

        location ~ .php$ {
          # By all means use a different server for the fcgi processes if you need to
          fastcgi_pass   127.0.0.1:YOURFCGIPORTHERE;  
          fastcgi_index  index.php;

          fastcgi_param  SCRIPT_FILENAME  /PATH/TO/yourdomain.com/$host/$fastcgi_script_name;
          fastcgi_param  QUERY_STRING     $query_string;
          fastcgi_param  REQUEST_METHOD   $request_method;
          fastcgi_param  CONTENT_TYPE     $content_type;
          fastcgi_param  CONTENT_LENGTH   $content_length;
          fastcgi_intercept_errors on;
        }

        location ~ /\.ht {
            deny  all;
        }
     }

Basically, what is happening here is that nginx does a replacement on the hostname requested for the domain virtual directory. This means that you can have any host name at all, and it will make an attempt at finding that hosting folder (or symbolic link). I STRONGLY recommend using open_basedir and safe mode with this configuration (actually, I recommend that anyways, but this is especially scary). If somebody gets really weird, they could pass illegal domain names directly into the nginx server to try and traverse folders. Open_basedir will prevent that.