New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
nginx support? #24
Comments
... I created a file for the general configuration ... Step 1: Install the php-fpm and php-mysql things
Step 2: Configure the PHP ProcessorWe now have our PHP components installed, but we need to make a slight configuration change to make our setup more secure. Open the main php-fpm configuration file with root privileges:
What we are looking for in this file is the parameter that sets cgi.fix_pathinfo. This will be commented out with a semi-colon (;) and set to "1" by default. This is an extremely insecure setting because it tells PHP to attempt to execute the closest file it can find if the requested PHP file cannot be found. This basically would allow users to craft PHP requests in a way that would allow them to execute scripts that they shouldn't be allowed to execute. We will change both of these conditions by uncommenting the line and setting it to "0" like this: /etc/php/7.2/fpm/php.ini
Save and close the file when you are finished. Now, we just need to restart our PHP processor by typing:
This will implement the change that we made. Step 3: Configure Nginx to Use the PHP ProcessorNow, we have all of the required components installed. The only configuration change we still need is to tell Nginx to use our PHP processor for dynamic content. We do this on the server block level (server blocks are similar to Apache's virtual hosts). Open the default Nginx server block configuration file by typing:
Currently, with the comments removed, the Nginx default server block file looks like this:
We need to make some changes to this file for our site. First, we need to add index.php as the first value of our index directive so that files named index.php are served, if available, when a directory is requested. We can modify the server_name directive to point to our server's domain name or public IP address. For the actual PHP processing, we just need to uncomment a segment of the file that handles PHP requests by removing the pound symbols (#) from in front of each line. This will be the location ~.php$ location block, the included fastcgi-php.conf snippet, and the socket associated with php-fpm. We will also uncomment the location block dealing with .htaccess files using the same method. Nginx doesn't process these files. If any of these files happen to find their way into the document root, they should not be served to visitors. The file should look like what's below: /etc/nginx/sites-available/default
When you've made the above changes, you can save and close the file. Test your configuration file for syntax errors by typing:
If any errors are reported, go back and recheck your file before continuing. When you are ready, reload Nginx to make the necessary changes:
Step 4: Create a PHP File to Test ConfigurationYour LEMP stack should now be completely set up. We can test it to validate that Nginx can correctly hand .php files off to our PHP processor. We can do this by creating a test PHP file in our document root. Open a new file called info.php within your document root in your text editor:
Type or paste the following lines into the new file. This is valid PHP code that will return information about our server: /var/www/html/info.php
|
... this is the dependencies installation file: install_deps-nginx.sh#!/bin/bash # Copyright 2016-2018 Brian Warner echo " Installing any missing dependencies... sudo apt-get install nginx php-cli php-mysql echo " |
Note: Since I am running mariadb, I did take out the mysql installation from the nginx config. |
.. currently working on pointing nginx at the php, etc. ... database created just fine with setup.py ... |
Here is how I configured the nginx server to serve up facade .... Setting Up Server Blocks (Pretty much necessary if you are running more than one website on the server.)When using the Nginx web server, you can use server blocks (similar to virtual hosts in Apache) to encapsulate configuration details and host more than one domain from a single server. We will set up a domain called facade, but you should replace this with your own domain name. Create the directory for facade, using the -p flag to create any necessary parent directories:
Assign ownership of the directory:
The permissions of your web roots should be correct if you haven't modified your umask value, but you can make sure by typing:
Create a sample index.html page using nano or your favorite editor:
Inside, add the following sample HTML: /var/www/facade/html/index.html <html>
<head>
<title>Welcome to facade!</title>
</head>
<body>
<h1>Success! The facade server block is working!</h1>
</body>
</html> Save and close the file when you are finished. Make a new server block at /etc/nginx/sites-available/facade:
Paste in the following configuration block, updated for our new directory and domain name: /etc/nginx/sites-available/facade server {
listen 80;
listen [::]:80;
root /var/www/facade/html;
index index.html index.htm index.nginx-debian.html;
server_name facade www.facade;
location / {
try_files $uri $uri/ =404;
}
} Save and close the file when you are finished. Enable the file by creating a link from it to the sites-enabled directory:
/etc/nginx/sites-enabled/ Two server blocks are now enabled and configured to respond to requests based on their listen and server_name directives: facade: Will respond to requests for facade and www.facade.
Find the server_names_hash_bucket_size directive and remove the # symbol to uncomment the line: /etc/nginx/nginx.conf http {
...
server_names_hash_bucket_size 64;
...
} Test for syntax errors:
Restart Nginx to enable your changes:
Nginx should now be serving your domain name. You can test this by navigating to http://facade, where you should see something like this: Nginx first server block |
Any guidance on using nginx for the web server instead of apache?
The text was updated successfully, but these errors were encountered: