Hello,
I turned on IPv6 on my droplet and followed a couple DigitalOcean docs and was able to get a second site running from the same droplet. So, I have one site running with SSL using the IPv4 address and another site with SSL as well (different certificates) using the IPv6 address shown on the droplet’s control panel.
I want to host one more site using another IPv6 address on the same droplet. I followed the instructions on https://www.digitalocean.com/docs/networking/ipv6/how-to/configure-additional-addresses/#enable-new-addresses-on-boot
and setup a second address. I can check using ip -6 addr show eth0
and see my second address there. If I go on a web browser and go directly to that IP I can see the Nginx splash screen.
After that I tried to do another gunicorn socket and service and tested it, it works.
Then I created another Nginx config under /etc/nginx/sites-available/
(config file below) and linked it to /etc/nginx/sites-enabled/
.
I setup my domain to point to the second IPv6 address with my domain registrar and on DigitalOcean.
So, in theory (following what I did for the first IPv6 site) everything should work, but when I go to the second domain/IPv6 address on my web browser I still just get the Nginx splash screen. I personally think it is something wrong with how I setup the Nginx config for both IPv6 sites but after a lot of Googleing I have no idea what is wrong.
Nginx config for FIRST IPv6 site (SSL enabled):
server {
server_name [Pv6:address:1] exampleSite1.com www.exampleSite1.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /path/to/FIRST/site;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/exampleSite1.sock;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
ssl_certificate /path/to/site/fullchain.pem; # managed by Certbot
ssl_certificate_key /path/to/site/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.exampleSite1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = exampleSite1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen [::]:80;
server_name [Pv6:address:1] exampleSite1.com www.exampleSite1.com;
return 404; # managed by Certbot
}
Nginx config for SECOND IPv6 site (can’t run certbot):
server {
server_name [Pv6:address:2] exampleSite2.com www.exampleSite2.com;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /path/to/SECOND/site;
}
location / {
include proxy_params;
proxy_pass http://unix:/run/exampleSite2.sock;
}
}
I hope this all helps. If any more information is needed please let me know.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Apart from what has been said, Hosting multiple websites on a single server, each with its own domain and SSL certificate, doesn’t necessarily require multiple IP addresses. This is a common misconception, especially with the advent of Server Name Indication (SNI) which allows a web server to safely host multiple TLS certificates at the same IP address.
Using SNI, the client sends the hostname as part of the TLS handshake, enabling the server to present the correct certificate. Modern web servers like Nginx and web browsers all support SNI.
Here’s how you can set up multiple sites on a single IP in Nginx:
Define a server block for each website in your Nginx configuration. Each server block should specify the domain names it handles and the path to its SSL certificates.
Example for
exampleSite1.com
:Repeat for
exampleSite2.com
with its own paths to its SSL certificate files.For each site, include a server block to handle HTTP requests and redirect them to HTTPS.
Again, repeat this for
exampleSite2.com
.Place these server blocks in the appropriate Nginx configuration files (
/etc/nginx/sites-available/
), and create symbolic links to them in the/etc/nginx/sites-enabled/
directory.In your DNS settings (at your domain registrar or DNS provider), point both
exampleSite1.com
andexampleSite2.com
to the same IP address of your server.You can use Let’s Encrypt to obtain free SSL certificates for both domains. Run Certbot for each domain separately:
Certbot will automatically modify your Nginx configuration to use the obtained certificates.
After making changes to the configuration, reload Nginx to apply them:
Advantages of Using a Single IP:
By following these steps, you can host multiple SSL-enabled websites on a single server using one IP address. The key is to configure each site in its own server block in Nginx and ensure DNS points all your domains to the same server. This is a standard practice and works well in most hosting environments.
Hey,
Running multiple Django sites using different IPv6 addresses on a single Droplet is an efficient use of resources. However, there are a few things to keep in mind when setting this up. I’ll outline the steps below:
For the second site, you’ll need to explicitly set Nginx to listen on the specific IPv6 address assigned to that site, both for HTTP and HTTPS:
Replace
[ipv6:address:2]
with the actual IPv6 address allocated to your second site. This tells Nginx to listen for incoming connections for that site on this specific address.Since you haven’t run Certbot for the second site, you’ll need to configure SSL manually. Assuming you have the SSL certificates ready:
These lines should be within the server block that listens on port 443. If you don’t have the certificates yet, you’ll need to obtain them before you can serve the site over HTTPS.
Verify Nginx and Domain Configuration:
nginx -t
to test your Nginx configuration for syntax errors.dig
or visiting an online DNS checker.Review Logs for Specific Error Messages:
Confirm that your firewall isn’t blocking connections to the second IPv6 address. If you’re using DigitalOcean’s Cloud Firewall, ensure the rules allow traffic to the second site.
If you intend to use Certbot for SSL on the second site, make sure your Droplet is configured to handle IPv6 correctly, as Let’s Encrypt will need to validate your domain over IPv6 if an AAAA record exists.
After addressing these points, reload Nginx to apply any changes
Changes in DNS can take time to propagate, and you might need to wait a bit before your settings take effect.
Best,
Bobby