nginx: "allow" directive in if condition

Question

My web app loads different views based on subdomains, and subdomains are dynamic so I start the virtualhost configuration like this:

server {
listen                       443 ssl http2 default_server;
server_name                   ~^(?<subdomain>.+)\.test\.com$;
add_header                   Strict-Transport-Security "max-age=31536000; includeSubdomains;";
...
}

Later in the server directive, I specify the access control:

  location / {
    root                       /usr/share/webapp/;
    index                      /index.html;
    try_files                  $uri $uri/ =404;
    allow                      my.ip.sub.net/24;
    deny                       all;
  }

Now I want to expose certain subdomains publicly. Trying this:

  location / {
    root                       /usr/share/webapp/;
    index                      /index.html;
    try_files                  $uri $uri/ =404;
    allow                      my.ip.sub.net/24;
    if ($subdomain = publicenv) {
      allow                       all;
    }
    deny                        all;
  }

gives me this error message:

nginx: [emerg] "allow" directive is not allowed here in /etc/nginx/conf.d/https.conf:119

Is it even possible to dynamically load whitelisting options based on a variable?

nginx: "allow" directive in if condition

0 Answers0