📗 Nginx

📗 Nginx#

Overview

nginx Nginx is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, originally written by Igor Sysoev.
See a full overview on the About Page .

Basic Authentication#

Create a basic authentication (like htaccess in apache2).

location /shared_videos {
        autoindex on;
        auth_basic "Restricted Content";
        auth_basic_user_file /etc/nginx/.htpasswd;
}

Create a full-vhost authentication.

server {
        ...
        auth_basic "Restricted Content";
        auth_basic_user_file /etc/nginx/.htpasswd;
        ...
}

Tip

Create a hashed password.

openssl passwd -6
...
mkpasswd -m SHA-512

Then add the user login and his hashed password in /etc/nginx/.htpasswd.

toto:$6$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Real IP in Logs#

Behind a HAProxy load balancer, to get the real client IP address in logs,
create the configuration file /etc/nginx/conf.d/real_ip.conf.
set_real_ip_from 10.1.0.1; # haproxy
real_ip_header X-Forwarded-For;
real_ip_recursive on;

Support PHP#

Install php and php-fpm packages.
Then update the php-nedeed vhost.
location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/run/php/php<php_version>-fpm.sock;
}

Tip

Get your configured socket.

grep "^listen\s" /etc/php/7.0/fpm/pool.d/www.conf
  listen = /run/php/php7.0-fpm.sock

Check your active socket.

pgrep php-fpm -a
  24563 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
  24564 php-fpm: pool www
  24565 php-fpm: pool www

lsof -p 24563 | awk '$9 ~ /.*\.sock$/{print $9}'
  /run/php/php7.0-fpm.sock

Create a PHP-FPM Pool#

Copy the default pool configuration.

grep -v "^#.*$\|^;.*$\|^$" /etc/php/7.0/fpm/pool.d/www.conf > guisam.conf

Edit the new configuration file, change the pool’s name, user and listen value.

[blog.guisam.xyz]
user = guillaume
...
listen = /run/php/php7.0-fpm.guillaume.sock
...

php_admin_value[memory_limit] = 256M

Update the php-nedeed vhost.

location ~ \.php$ {
  try_files $uri =404;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  fastcgi_pass unix:/run/php/php7.0-fpm.guillaume.sock;
  fastcgi_index index.php;
  include fastcgi.conf;
}

Restart/reload nginx and php-fpm services, then check the new pools.

pgrep php-fpm -a
  1605 php-fpm: master process (/etc/php/7.0/fpm/php-fpm.conf)
  1606 php-fpm: pool blog.guisam.xyz
  1607 php-fpm: pool blog.guisam.xyz
  1608 php-fpm: pool www
  1609 php-fpm: pool www

Errors Pages#

error_page 403 /403.html;
location  /403.html {
  internal;
}

error_page 404 /404.html;
location  /404.html {
  internal;
}

Pelican customized error page

customized_404

Contents