I have a setup where a server running nginx will be the front-end and also a load balancer that will upstream to a number of other servers which will be backend.
What I currently have is the webservers running nginx and reverse proxying to apache2 running on port 8000.
The idea is to have visitors first log in to the subdomain apps.xxxx.xxx which contains a list of all the companies applications. Upon clicking on one, then you get redirected to one of the apps which also has it's own login credentials that will be provided to potential customers to have a test run before purchasing.
All these apps are required to run from the one domain but from different paths.
Eg. apps.xxxx.xxx/app1 appps.xxxx.xxx/app2
Find attached my nginx config on the app servers
server {
listen 80 default_server;
root /home/MY_NAME/myapp/public;
index index.html index.htm index.php;
server_name _;
#location / {
# try_files $uri $uri/ /index.php$is_args$args;
#}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
}
location / {
proxy_pass http://SAME_SERVER:8000;
include proxy_params;
#try_files $uri $uri/ /index.php$is_args$args;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
sendfile off;
client_max_body_size 100m;
location ~ /\.ht {
deny all;
}
location ~ /.well-known {
allow all;
}
}
Related
When use start certbot container in Docker, the result is nginx container running, while certbot container's state is Exit.
Attaching to multilaradock_certbot_1
certbot_1 | Requested domain "fake.domain.com" is not a FQDN
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/"fake.domain.com"/cert1.pem': No such file or directory
Nginx configuration my site site_name.conf
server {
listen 80;
listen [::]:80;
server_name site_name.uz www.site_name.uz;
root /var/www/site/frontend/web;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
expires 20d; # 20
}
# ACME challenge
location /.well-known/acme-challenge/ {
root /var/www/letsencrypt/;
log_not_found off;
}
error_log /var/log/nginx/app_error.log;
access_log /var/log/nginx/app_access.log;
}
How can we correct this mistake?
You should fix the domain name in your docker-compose -file.
Currently your domain name is "fake.domain.com" and it should be fake.domain.com
I'm trying to port an conf file from Nginx to Apache. Right now my collegue running with Nginx, but I use Apache instead of Nginx.
The nginx configuration looks like this:
server {
listen 80;
server_name MY_SERVER_NAME;
root /DIR_PROJECT/web;
//Angular
location / {
root /DIR_PROJECT/web/front;
try_files $uri /index.html;
}
location ~ ^/(uploads)(/.*)$ {
root /DIR_PROJECT/app/data;
}
//Symfony
location ~ ^/(assets|bundles)(/.*)$ {
#try to serve file directly, fallback to app.php
try_files $uri /app.php$is_args$args;
}
location ~ ^/(app_dev|config)\.php(/|$) {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME$document_root$fastcgi_script_name;
fastcgi_buffer_size 32k;
fastcgi_buffers 256 32k;
fastcgi_max_temp_file_size 0;
include fastcgi_params;
}
error_log /DIR_PROJECT/app/logs/error.log;
access_log /DIR_PROJECT/app/logs/access.log;
}
I want change it to apache configuration. How I can do that?
Thanks.
I had letsencrypt cert installed before , but then it got expired and now i am not able to renew it .
so I am trying to switch off the SSL i have removed the code related with SSL but still the url is redirecting to https.
server {
listen 80 ;
listen [::]:80 ipv6only=on;
root /var/www/laravel/public;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name domain.in www.domain.in;
ssl off;
#charset utf-8;
#include h5bp/basic.conf;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
location ~* \.(css|js|gif|jpe?g|png)$ {
expires 168h;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ /.well-known {
allow all;
}
location ~ \.php$ {
try_files $uri =404;
client_max_body_size 1024M;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
Any Idea how to fix this issue
Thanks
After installing Owncloud on my server, on a subdomain (let's say) cloud.motherboard.fr, I have the issue that all my https requests (like https://hey.motherboard.fr) redirect to the following Owncloud page :
while going to https://hey.motherboard.fr
So I guess that my Nginx configuration redirect all https connections to Owncloud. Here is my configuration file :
upstream php-handler {
server 127.0.0.1:9000;
# server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name cloud.motherboard.fr; #YourIP or domain
return 301 https://$server_name$request_uri; # redirect all to use ssl
}
server {
listen 443 ssl;
server_name cloud.motherboard.fr; #YourIP or domain
#SSL Certificate you created
ssl_certificate /etc/nginx/cert/owncloud.crt;
ssl_certificate_key /etc/nginx/cert/owncloud.key;
# owncloud path
root /var/www/cloud/owncloud/;
client_max_body_size 10G; # set max upload size
fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
}
location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $2;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}
# Optional: set long EXPIRES header on static assets
location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
}
It looks like it comes from the two first server block, but I didn't managed to change it. Can it have a link with php-pfm ?
My hey.motherboard.fr configuration is pretty simple :
server {
server_name hey.motherboard.fr;
location / {
root /var/www/hey;
index index.html index.htm;
}
}
I have nginx web server installed and https domain. I want to make a sub-directory /dap in root folder to use http and exclude from ssl. Please guide me through this.
My /etc/nginx/sites-available virtual host file for this domain is as below,
# WPSINGLE FAST CGI NGINX CONFIGURATION
server {
listen 198.27.70.206:80;
server_name howtofightnow.com;
return 301 https://howtofightnow.com$request_uri;
}
server {
listen 443 ssl;
server_name howtofightnow.com;
ssl on;
ssl_certificate /etc/nginx/ssl/howtofightnow_com.pem;
ssl_certificate_key /etc/nginx/ssl/server.key;
#listen 198.27.70.206:80;
#server_name howtofightnow.com;
access_log /var/log/nginx/howtofightnow.com.access.log rt_cache;
error_log /var/log/nginx/howtofightnow.com.error.log;
root /var/www/howtofightnow.com/htdocs;
index index.php index.htm index.html;
location /zabbix {
if ($scheme ~ ^http:){
rewrite ^(.*)$ https://$host$1 permanent;
}
alias /usr/share/zabbix;
index index.php;
error_page 403 404 502 503 504 /zabbix/index.php;
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
expires epoch;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_pass php;
}
location ~ \.(jpg|jpeg|gif|png|ico)$ {
access_log off;
expires 33d;
}
}
# Use Cached Or Actual File If They Exists, Otherwise Pass Request To WordPress
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ .php$ {
try_files $uri /index.php?args;
include fastcgi_params;
fastcgi_pass php;
}
location /vma {
root /usr/local/vimbadmin/public ;
try_files $uri $uri/ /index.php?$args;
location ~ .php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php;
}
}
rewrite ^/index.php/register/thanks(.*) /register/thanks$1 permanent;
include /etc/nginx/common/locations.conf;
}
Simply add this location (/dap) to your http server section, plus add a separate root location, as following:
server {
listen 198.27.70.206:80;
server_name howtofightnow.com;
location / {
return 301 https://howtofightnow.com$request_uri;
}
location /dap/ {
# specific rules for this location go here
}
}