W . A . X . O
ncc-1701
LINUX - UNIX




NGINX

0 - First installation

  • Commercial web site : https://www.nginx.com
  • Technical web site : http://nginx.org
  • Installation on Debian Gnu/Linux : sudo apt-get install nginx
  • Vhosts : /etc/nginx/sites-available + /etc/nginx/sites-enabled

1 - Nginx with Php

  • sudo apt-get install php-cli php-fpm
  • sudo /etc/init.d/php7.0-fpm restart
  • sudo /etc/init.d/nginx restart

2 - Php Vhost Example

====== VHOST ======
server {
	client_max_body_size	20M;
	listen   80; ## listen for ipv4

	server_name  xxxxx.org www.xxxxxx.org;

	access_log  /var/log/nginx/xxxxx.access.log;
	error_log   /var/log/nginx/xxxxx.error.log;

	location / {
		root   /uuuuu/zzzzzz/xxxxx/www;
		index  index.html index.htm index.php;
	}

	location /prive {
		root   /uuuuu/zzzzzz/xxxxx/www;
		index  index.html index.htm index.php;
      		auth_basic "Restricted Access";
      		auth_basic_user_file /home/admin/list-users;
	}


    location ~ \.php$ {
        include /etc/nginx/fastcgi_params;
        #fastcgi_pass  127.0.0.1:9988;
    	fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME  /uuuuu/zzzzzz/xxxxx/www$fastcgi_script_name;
    }
}

3 - Nginx as Proxy and Load Balancer

  • Nginx could be used as a proxy web for load balancing.
  • Http/Https requests are received by Nginx, by a vhosts as usually.
  • The proxy vhost transfers requests to a another server, targeted by an @ip or a FQDN.
  • HTTPS certificate have to be installed on the Nginx Proxy Server with the "server_name" as usaully.
  • PROXY VHOST EXAMPLE 
server {
        server_name mysite.domain.com;
        location / {
        include proxy_params;
        proxy_pass http://server2.domain.com;
        }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/mysite.domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mysite.domain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}