Nginx

WORDPRESS on nginx

Ecco i passi d'installazione, supponiamo di avere già il db disponibile. La guida di riferimento è https://www.digitalocean.com/community/articles/how-to-install-wordpress-with-nginx-on-ubuntu-12-04

apt-get install php5-mysql nginx  php5 php5-fpm

Dopo modificare la configurazione di php
nano /etc/php5/fpm/php.ini
# trovare la linea cgi.fix_pathinfo=1, decommentare e cambiare da 1 to 0.
cgi.fix_pathinfo=0
service php5-fpm restart
service nginx restart

Di solito queste utility non guastano

apt-get install php5-gd php5-curl

In questa pagina c'è come testare se il php sta funzionando https://www.digitalocean.com/community/articles/how-to-install-linux-nginx-mysql-php-lemp-stack-on-ubuntu-12-04

Dentro /etc/nginx/sites-enabled disabilitare il sito di default e crearne un altro che abbia queste direttive
Va cambiato root e server_name

server {
        listen   80; ## listen for ipv4; this line is default and implied
        #listen   [::]:80 default ipv6only=on; ## listen for ipv6

        root /var/www;
        index index.php index.html index.htm;

        # Make site accessible from http://localhost/
        server_name example.com;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to index.html
                try_files $uri $uri/ /index.php?q=$uri&$args;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
        }

        location /doc/ {
                alias /usr/share/doc/;
                autoindex on;
                allow 127.0.0.1;
                deny all;
        }

        # Only for nginx-naxsi : process denied requests
        #location /RequestDenied {
                # For example, return an error code
                #return 418;
        #}

        #error_page 404 /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
               root /usr/share/nginx/www;
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

                # With php5-cgi alone:
                fastcgi_pass 127.0.0.1:9000;
                # With php5-fpm:
        #       fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        location ~ /\.ht {
               deny all;
        }
}

Proxy pass

server {
        listen   80; ## listen for ipv4; this line is default and implied

        root  /var/www/nginx/;
        index index.php index.html index.htm;

        # Make site accessible from http://localhost/
        server_name openbilanci.hdue.it, openbilanci.it;

        location / {
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }
  location /OpenBilancioWS {
                proxy_pass http://127.0.0.1:8080/OpenBilancioWS;
        }

}

Multiapche sottostante

Discriminazione in base al nome

upstream apache {
        server localhost:8080;
        #server 192.168.0.2:80;
        #server 192.168.0.3:80 weight=2;
        #server 192.168.0.4:80 backup;
}
server {
        server_name miodmonio.it;
        root /home/example.com/www;
        location / {
                proxy_pass http://apache;
        }
}

Proxy preserve host in nginx

server {
        server_name miodmonio.it;
        root /home/example.com/www;
        proxy_set_header Host $host;

Fastcgi configurazioni

Codice dentro nginx

     location /fast/iipsrv.fcgi {
                fastcgi_pass    localhost:9000;
                fastcgi_param   PATH_INFO $fastcgi_script_name;
                fastcgi_param   REQUEST_METHOD $request_method;
                fastcgi_param   QUERY_STRING $query_string;
                fastcgi_param   CONTENT_TYPE $content_type;
                fastcgi_param   CONTENT_LENGTH $content_length;
        }

Server/proxy pass di default

Si possono definire più server ognuno con un nome se non matcha nessuno prende quello con scritto default_server, il server_name indicato con _ è opzionale.
In questa pagina http://nginx.org/en/docs/http/server_names.html ci sono diversi esempi per le espressioni regolari. “*.example.org” o altri.

server {
        listen   80 default_server; 

        root /usr/share/nginx/www;
        index index.html index.htm;

        server_name  _;

        location / {
                try_files $uri $uri/ /index.html;
        }

server {
        listen 80;
        server_name www.sito.it ;

        location / {
                proxy_pass http://tomcat6-aquila;
        }

        access_log /var/log/nginx/sito-access.log;
        error_log /var/log/nginx/sito-error.log;

}

upstream tomcat6-aquila {
        server localhost:12080;
}

File Singoli

 location /robots.txt {
                alias /var/www/robots.txt;
 }

Protezione con username e password

Gli ip con allow non necessitano di username e password, devo completare leggendo come fare a creare le credenziali questo pezzo non l'ho provato ma rubacchiato su un server su cui ero di passaggio.

server {

      listen   80;
      server_name  nomeserver.com;
      access_log  /var/log/nginx/nome.test_access.log;
      error_log  /var/log/nginx/nome.test_error.log error;
      #set your default location
      location /      {
              satisfy any;
              proxy_pass         http://127.0.0.1:5000/;
              auth_basic "Restricted";
              auth_basic_user_file /etc/nginx/users;
              allow 127.0.0.0/24;
              allow 192.168.1.0/24;
              allow 10.0.0.0/24;
              deny all;
      }

Script di avvio

Codice dentro /etc/init.d/iipsrv

cat iipsrv 
#!/bin/sh     
start() {
        echo "Starting iipsrv services: "
        export LOGFILE="/tmp/iipsrv99.log" 
    export VERBOSITY="5" 
    export JPEG_QUALITY="100"
    export MAX_IMAGE_CACHE_SIZE="10"
    export MAX_CVT="30000" 
    /var/lib/apache2/fcgid/iipsrv.fcgi --bind 127.0.0.1:9000 &
        RETVAL=$?
        echo
}

stop() {
        echo "Shutting down iipsrv services: "
    PIDTOKILL=`ps aux |  grep iipsrv | awk '{print $2}'`
    echo $PIDTOKILL
    kill -9 $PIDTOKILL
        RETVAL=$?
    echo
}

viewlog(){
    echo -n "View access log of iipsrv services: "
    echo -n "press CTRL+C to exit "
    tail -f  /tmp/iipsrv.log

}
status(){
        echo "Stato di iipsrv tramite comando top"
        ps aux | grep iipsrv 
}

case "$1" in 
start)
start
;;
stop)
stop
;;
viewlog)
viewlog
;;
restart|reload)
stop
start
;;
status)
status 
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|status|viewlog}"
exit 1
esac
exit $RETVAL

Copiare il file in una directory e poi eseguire un

ldd iipsrv.fcgi
Salvo diversa indicazione, il contenuto di questa pagina è sotto licenza Creative Commons Attribution-ShareAlike 3.0 License