Is there a configuration I can use with nginx that would serve all static content for all wbsites on port 80 and all dynamic content would be forwarded to apache on port 8080? Preferably I would like to not have to change anything in apache vhosts other than port
Where can I find such working configuration?
Here's a good example; http://wiki.nginx.org/FullExample
Special emphasis on this part;
server { # simple reverse-proxy
listen 80;
server_name domain2.com www.domain2.com;
access_log logs/domain2.access.log main;
# serve static files
location ~ ^/(images|javascript|js|css|flash|media|static)/ {
root /var/www/virtual/big.server.com/htdocs;
expires 30d;
}
# pass requests for dynamic content to rails/turbogears/zope, et al
location / {
proxy_pass http://127.0.0.1:8080;
}
}
Related
I´m securing an Nginx server with SSL and I have a question. I have two virtual servers one for http listening in port 80 and the https listening in 443 like this:
# HTTP server
server {
listen 80;
server_name localhost;
...
# many configuration rules here for caching, etc
}
# HTTPS server
server {
listen 443 ssl;
server_name localhost;
...
}
The question is, do I need to duplicate all the configuration rules that I have in the http version into my https version? Is there any way to avoid duplicate all these rules?
UPDATE
I´m trying to config with an include according to #ibueker answer. Looks easy but somehow is not working. Does the include need to be inside a location? Example attached:
# HTTP server
server {
listen 80;
server_name localhost;
...
include ./wpo
}
Where wpo file is in the same path, and it´s like:
# Expire rules for static content
# RCM: WPO
# Images
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
root /home/ubuntu/env/production/www/yanpy/app;
expires 1w;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
root /home/ubuntu/env/production/www/yanpy/app;
expires 1w;
add_header Cache-Control "public";
}
# cache.appcache, your document html and data
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
root /home/ubuntu/env/production/www/yanpy/app;
expires -1;
}
You can put them in another file and include them for both server blocks.
include /path/to/file;
I'm using Nginx within a Doccker container to host my application
I'm trying to configure Nginx to proxy traffic to the /.well-known/ directory to another container that handles the letsencrypt process to setup & renew SSL certificates, but I don't need that container to be running all the time, only when attempting to renew the certificates.
My idea was to use proxy_pass for the directory specific traffic, through to the leysencrypt container, but as it's not always running, the Nginx process exits complaining that the upstream is not available.
Is there a way to configure Nginx not to check the status of the upstream for proxy_pass setting?
Here's the current config, if it's useful…
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name domain.com;
root /var/www/html/web;
location / {
return 301 https://$host$request_uri;
}
location ^~ /.well-known/ {
proxy_pass http://letsencrypt/.well-known/;
}
}
I guess I could use an in app forwarding of files, but this feels clunky. I'd rather configure it within Nginx.
location ^~ /.well-known/ {
resolver 127.0.0.1;
set $upstream letsencrypt;
proxy_pass http://$upstream/.well-known/; # use variables to make nginx startable
}
I haven't seen anything related to this topic on Google and since I'm a newbie on Nginx I'd like to ask a question about load balancing: I have a dedicated server currently running Apache with multiple accounts and domains. I'd like to switch to Nginx and set up a load balance only for one of these domains (mydomain1.com) to load balance traffic between this dedicated server and another 3 ones. I have the following Nginx config (/etc/nginx/conf.d/default.conf) on my dedicated server:
upstream mywebsite1 {
ip_hash;
server xxx.xxx.xxx.196 weight=1 max_fails=3 fail_timeout=15s;
server xxx.xxx.xxx.67 weight=1 max_fails=3 fail_timeout=15s;
server xxx.xxx.xxx.201 weight=1 max_fails=3 fail_timeout=15s;
}
server {
listen 80;
server_name mywebsite1.com;
access_log /var/log/nginx/proxy.log;
location / {
proxy_pass http://mywebsite1;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
}
But this is not working and when I read the proxy.log is also balancing traffic not just from mywebsite1.com, but also from my other domains: mywebsite2.com, mywebsite3.com, etc. Any help is really appreciated since as you see I'm not an expert! Thanks :)
I know it is years old question, but it still might help someone.
To make it work like you want, you must define at least two virtualhosts (server blocks).
1st is so called "default" - that is it serves everything that is not defined in any other virtualhost. Default in nginx context means defining:
server_name _;
You can add index.html to that virtualhost to tell visitors to go to right place. Display some sort of error message. Or redirect visitors to right place without any message - what ever suits your purposes.
But some sort of default is required if you want your other virtualhost block(s) to serve only specific domain(s) and nothing else.
2nd is "mywebsite1.com" - that only serves that particular domain. Your configuration for that domain is correct. And you can add more virtualhost blocks for different domains.
If you only have one virtualhost (even if it is not "default" type) then every single http request will go to that virtualhost, regardless if domain name matches or not.
You need to keep in mind that you should define different root path for every virtualhost, unless you want them all so serve same content.
root /some/path;
Which domain is served by which virtualhost is defined through server_name directive.
"_" means default and serves anything that does not match some other virtualhost.
You can define more than one domain if you want virtualhost block to serve more than one (do not forget to add both with and without www if you want both to work):
server_name www.example.com example.com some.other.domain.com;
You can also use wildcards:
server_name *.example.com;
So correct config file would be something like this:
# default virtualhost to serve everything that does not match other virtualhosts
server {
listen 80;
server_name _;
root /some/path/default_site;
# add other rules for default site
}
# virtualhost to server only (www.)mywebsite1.com
server {
listen 80;
# please note that you need to add both with and without "www." if you want both to work.
server_name mywebsite1.com www.mywebsite1.com;
root /some/path/mywebsite1.com;
# add other rules for mywebsite1.com
}
# virtualhost for example.com (without www)
server {
listen 80;
server_name example.com;
root /some/path/example.com;
# add other rules for example.com
}
If you send all of your traffic to your Nginx server, it has to do something with it. Since you only have one server block, regardless of what the server name is configured to be it will take the traffic for all host names.
If you don't want Nginx to handle traffic for all of your domains, simply don't point all of your domains at it (with DNS).
On a server ideally I'd serve my own static and WordPress sites using Cloudflare > Varnish > Nginx but since I'd also be hosting others sites for testing such as Joomla and WordPress that rely on multiple extensions that use .htaccess and such, I wouldn't be able to easily run those sites through Nginx. So I'd like to run those sites on the same server with CloudFlare > Varnish > Nginx Reverse Proxy > Apache.
The server only has 1 ip address and runs ubuntu and php-fpm and mysql. Each site would have their own separate domain name. Would this be possible?
server {
server_name example.com;
location / {
# assuming apache is on port 81 for example
proxy_pass http://127.0.0.1:81;
# to make apache detect the host header
proxy_set_header Host $host;
}
# if you have assets folders, you can let nginx serve them directly,
# instead of passing them to apache
location /images { # or /css or /js .. etc
try_files $uri =404;
}
}
Note: in the case of assets, sometimes some sites serve assets through rewrites, or even handled by the application it self, you can pass it to apache by adding that in the assets location as a fallback like this
location /images {
try_files $uri #apache;
}
location #apache {
proxy_pass http://127.0.0.1:81;
}
In apache you create a virtual host
<VirtualHost *:81>
ServerName example.com
# the rest of the config if needed
</VirtualHost>
I have nginx running on port 80 with a proxy pass for multiple node.js instances.
I'd like to also use nginx on the same port, to proxy for an apache instance running on another port, say 8888.
Here's the basics of my nginx.conf
upstream localhost {
server 127.0.0.1:8000;
server 127.0.0.1:8001;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://localhost;
}
location /admin/ {
proxy_pass 127.0.0.1:8888;
}
}
The two upstream's are node.js instances. But the /admin/ is for the site on apache, however it doens't work.
Is there another way to do this?
Thank you!
location /admin/ {
proxy_pass http://127.0.0.1:8888;
}
http://nginx.org/r/proxy_pass