Nginx

From KevinWiki

(Difference between revisions)
Jump to: navigation, search
Line 155: Line 155:
</pre>
</pre>
 +
 +
= Trac =
 +
 +
== nginx.conf ==
 +
<pre>
 +
http {
 +
 +
# ...
 +
 +
  upstream trachosts {
 +
    server  127.0.0.1:3050;
 +
  }
 +
 +
}
 +
</pre>
 +
 +
== Site File ==
 +
<pre>
 +
server {
 +
  listen      443;
 +
  listen      127.0.0.1:443;
 +
  server_name trac.localhost;
 +
 +
  ssl on;
 +
  ssl_certificate /etc/ssl/certs/server.crt;
 +
  ssl_certificate_key /etc/ssl/private/server.key;
 +
 +
  location / {
 +
    proxy_pass      http://trachosts;
 +
#  include        /etc/nginx/proxy.conf;
 +
  }
 +
 +
  location ~ /[^/]+/login {
 +
    proxy_pass      http://trachosts;
 +
    auth_basic "Restricted";
 +
    auth_basic_user_file /path/to/.htpasswd/.htpasswd;
 +
    proxy_pass_header Authorization;
 +
  }
 +
}
 +
 +
server {
 +
  listen      80;
 +
  listen      127.0.0.1:80;
 +
  server_name trac.localhost;
 +
 +
  location / {
 +
    proxy_pass      http://trachosts;
 +
#  include        /etc/nginx/proxy.conf;
 +
#    proxy_redirect on;
 +
#    proxy_set_header Host $host;
 +
  }
 +
 +
  location ~ /[^/]+/login {
 +
##    proxy_pass http://localhost:8000;
 +
#    proxy_pass      http://trachosts;
 +
##    auth_digest "developer";
 +
##    auth_digest_user_file /path/to/.htdigest/.htdigest;
 +
##    proxy_pass_header Authorization;
 +
#    auth_basic "Restricted";
 +
#    auth_basic_user_file /path/to/.htpasswd/.htpasswd;
 +
#    proxy_pass_header Authorization;
 +
 +
    rewrite  ^/([^/]+)/login  https://trac.localhost/$1/login  break;
 +
  }
 +
}
 +
</pre>

Revision as of 14:11, 1 January 2013

NginX is a lightweight open source Web server .

Contents

Installation

$ sudo apt-get install nginx

Latest Stable

  • To get the latest stable version

Add the following repo info to /etc/apt/sources.list

deb http://nginx.org/packages/ubuntu/ precise nginx
deb-src http://nginx.org/packages/ubuntu/ precise nginx
  • Add Key
wget -q http://nginx.org/packages/keys/nginx_signing.key -O- | sudo apt-key add - 
  • Install

Get error like

----------------------------------------------------------------------
dpkg: error processing /var/cache/apt/archives/nginx_1.2.6-1~precise_amd64.deb (--unpack):
 trying to overwrite '/etc/logrotate.d/nginx', which is also in package nginx-common 1.1.19-1ubuntu0.1
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Errors were encountered while processing:
 /var/cache/apt/archives/nginx_1.2.6-1~precise_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
$ sudo apt-get remove nginx-common 
$ sudo apt-get install nginx 
  • PROBLEM: NO extra modules.

Configuration

Remove Server Info

Version

Modify /etc/nginx/nginx.conf

  server_tokens off;

Server Info in Response Header

  • Remove server info in the response header

Install extra modules for changing header

$ sudo apt-get install nginx-extras 
  • Add the following line to the http block in the /etc/nginx/nginx.conf.
  more_set_headers 'Server: server';

Virtual Host

Default

server {
  listen      80;
  listen      127.0.0.1:80;
  server_name localhost;
  root        /var/www;
  index       index.html index.htm;

  location / {
    index     index.html index.htm;
  }
}
  • For SSL
server {
  listen      443 ssl;
  listen      127.0.0.1:443;
  server_name	localhost;
  root				/var/www;
  index       index.php index.html index.htm;

  ssl on;
  ssl_certificate /etc/ssl/certs/server.crt;
  ssl_certificate_key /etc/ssl/private/server.key;

  location / {
    index     index.php index.html index.htm;
  }
}
  • Restart Nginx
$ sudo /etc/init.d/nginx restart 

PHP

$ sudo apt-get install php5-fpm
server {
  listen      80;
  listen      127.0.0.1:80;
  server_name localhost;
  root        /var/www;
  index       index.php index.html index.htm;

  location / {
    index     index.php index.html index.htm;
  }

  location ~ \.php$ {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include fastcgi_params;
  }
}
  • Restart php5-fpm
$ sudo /etc/init.d/php5-fpm 


Use with Tomcat

server {
  listen      80;
  listen      127.0.0.1:80;
  server_name localhost;
  root        /var/www;

  location /manager {
    proxy_pass              http://localhost:8080;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        Host $http_host;
  }
}
  • Add a new file to /etc/nginx/sites-available/
server {
  listen          80;
  listen          127.0.0.1:80;
  server_name     demo.localhost;
  root            /path/to/tomcat/webapps;
  
  location / {
    proxy_pass              http://localhost:8080;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        Host $http_host;
  }

  location ^/$ {
    proxy_pass              http://localhost:8080/default-app;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        Host $http_host;
  }
}


Trac

nginx.conf

http {

# ...

  upstream trachosts {
    server  127.0.0.1:3050;
  }

}

Site File

server {
  listen      443;
  listen      127.0.0.1:443;
  server_name trac.localhost;

  ssl on;
  ssl_certificate /etc/ssl/certs/server.crt;
  ssl_certificate_key /etc/ssl/private/server.key;

  location / {
    proxy_pass      http://trachosts;
#   include         /etc/nginx/proxy.conf;
  }

  location ~ /[^/]+/login {
    proxy_pass      http://trachosts;
    auth_basic "Restricted";
    auth_basic_user_file /path/to/.htpasswd/.htpasswd;
    proxy_pass_header Authorization;
  }
}

server {
  listen      80;
  listen      127.0.0.1:80;
  server_name trac.localhost;

  location / {
    proxy_pass      http://trachosts;
#   include         /etc/nginx/proxy.conf;
#    proxy_redirect on;
#    proxy_set_header Host $host;
  }

  location ~ /[^/]+/login {
##    proxy_pass http://localhost:8000;
#    proxy_pass      http://trachosts;
##    auth_digest "developer";
##    auth_digest_user_file /path/to/.htdigest/.htdigest;
##    proxy_pass_header Authorization;
#    auth_basic "Restricted";
#    auth_basic_user_file /path/to/.htpasswd/.htpasswd;
#    proxy_pass_header Authorization;

    rewrite  ^/([^/]+)/login  https://trac.localhost/$1/login  break;
  }
}


Example

server {
  listen      443 ssl;
  listen      127.0.0.1:443;
  server_name localhost;
  root        /var/www;
  index       index.php index.html index.htm;

  ssl on;
  ssl_certificate /etc/ssl/certs/server.crt;
  ssl_certificate_key /etc/ssl/private/server.key;

  location / {
    index     index.php index.html index.htm;
  }

  location /manager {
    proxy_pass              http://localhost:8080;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        Host $http_host;
  }

  location ~ \.php$ {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include fastcgi_params;
  }
}

server {
  listen      80;
  listen      127.0.0.1:80;
  server_name localhost;
  root        /var/www;
  index       index.php index.html index.htm;

  location / {
    index     index.php index.html index.htm;
  }

  location /manager {
    proxy_pass              http://localhost:8080;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        Host $http_host;
  }

  location ~ \.php$ {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include fastcgi_params;
  }
}
Personal tools