NGiNX

From TBP Wiki
Revision as of 13:41, 2 January 2019 by Goldbolt (talk | contribs)
Jump to: navigation, search

NGiNX Nginx ( /ˌɛndʒɪnˈɛks/ EN-jin-EKS[8]) (stylized as NGiNX or nginx) is a web server which can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. The software was created by Igor Sysoev and first publicly released in 2004. A company of the same name was founded in 2011 to provide support and Nginx plus paid software.

Nginx is free and open-source software, released under the terms of a BSD-like license. A large fraction of web servers use NGINX, often as a load balancer.

Proxy Forwarding

This is a basic reverse proxy setting for a subdomain within a network that doesn't have outside access due to reasons. This can be set for anything else as well. Be aware of how you access this within the local network and if https is needed as it has to be set exact within "proxy_pass" and the first part of "proxy_redirect":

        server {
                 listen 443 ssl;
                 listen [::]:443 ssl;
                 server_name test.tbpchan.cz;
        ssl on;
                ssl_certificate /usr/local/etc/fullchain.pem;
            ssl_certificate_key /usr/local/etc/privkey.pem;
        location / {
                        proxy_pass http://192.168.1.255:8080;
                        proxy_set_header Host $host;
                        proxy_set_header X-Real-IP $remote_addr;
                        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_redirect      http://192.168.1.255:8080 http://192.168.1.255;
                }
        }

Pass PHP rendering to PHP-FPM

This is required in order to get PHP working with hosting websites.

           location ~ \.php$ {
       try_files $uri =404;
       fastcgi_split_path_info ^(.+?\.php)(.*)$;
       fastcgi_pass 127.0.0.1:9000;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $request_filename;
       include /usr/local/etc/nginx/fastcgi_params;
       include fastcgi_params;
           }

You can also pass it to a Unix socket instead or a port using the following:

       fastcgi_pass unix:/usr/local/var/run/php5-fpm.sock;

NGiNX Caching

In order to set up NGiNX caching, you have to set the following above the "server" heading.

        proxy_cache_path /DIR levels=1:2 keys_zone=tbpchan.cz_cache:10m max_size=2g inactive=120m use_temp_path=off;

To assign a virtual server to caching, use the following:

       location / {
               try_files $uri $uri/ =404;
      proxy_buffers 256 16k;
      proxy_buffer_size 16k;
      proxy_read_timeout 600s;
      proxy_cache tbpchan.cz_cache;
      proxy_cache_revalidate on;
      proxy_cache_min_uses 2;
      proxy_cache_use_stale timeout;
      proxy_cache_lock on;
       }


NGiNX authentication browser popup

This provides blocking based on logins. You have to run the first command and create a new .htpasswd file before using it however.

  • Generate .htpasswd file
        htpasswd -c /home/username/.htpasswd username
  • Change or update .htpasswd file
        htpasswd /home/username/.htpasswd-users username
  • NGiNX configuration for .htpasswd authentication
        auth_basic "Restricted Content";
        auth_basic_user_file /home/username/.htpasswd;