I used to use lnmp. Now I decide to use an upgradable apt source. I have build MySQL and Nginx. After installing PHP and php-fpm, my nginx cannot execute PHP. It can resolve HTML. Here is my config for my virtual host:
server {
listen 80;
server_name himeki.net;
return 301 https://$server_name$request_uri;
root /home/wwwroot;
index index.html index.php index.htm;
location ~ \.php$ {
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443;
server_name himeki.net;
ssl on;
ssl_certificate /etc/nginx/himeki.net.crt;
ssl_certificate_key /etc/nginx/himeki.net.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
root /home/wwwroot;
location ~ / {
index index.html index.php index.html index.htm;
}
location ~ [^/]\.php(/|$)
{
try_files $uri =404;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
}
Finally I use 'Apache2' to instead. It works.
Related
Good Morning guys,
i am trying to create an working Nginx Config.
I have two web applications:
/app/web
/app/api
My URL should look like this:
10.X.X.XX => /app/web
10.X.X.XX/api => /app/api
My current config:
server {
listen 80 default_server;
index index.php index.html index.htm;
root /app/web;
location /api {
root /app/api;
}
location ~ [^/]\.php(/|$) {
autoindex on;
autoindex_exact_size on;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
error_log stderr warn;
access_log /dev/stdout main;
client_max_body_size 10M;
}
Any suggestions?
You can host multiple site if you follow below configuration. This is a working code. You can modify it according to your need
server {
# Listing port and host address
# If 443, make sure to include ssl configuration for the same.
listen 80;
listen [::]:80;
server_name 192.168.0.132;
# Default index pages
index index.php;
# Root for / shipment
root /var/www/msdsl/shipment/public;
# Handle main root / shipment
location / {
#deny all;
try_files $uri $uri/ /index.php?$args;
}
# Handle restora project, just replicate this section for further projects app3, app4
# by just replacing restora with appropriate tag(project1,/project2/project 3)
location /restora {
# Root for this project
root /var/www/msdsl/restora/public;
# Rewrite $uri=/restora/xyz back to just $uri=/xyz
rewrite ^/restora/(.*)$ /$1 break;
# Try to send static file at $url or $uri/
# Else try /index.php (which will hit location ~\.php$ below)
try_files $uri $uri/ /index.php?$args;
}
location /tposreport {
# Root for this project
root /var/www/msdsl/tposreport/public;
# Rewrite $uri=/tposreport/xyz back to just $uri=/xyz
rewrite ^/tposreport/(.*)$ /$1 break;
# Try to send static file at $url or $uri/
# Else try /index.php (which will hit location ~\.php$ below)
try_files $uri $uri/ /index.php?$args;
}
# Handle all locations *.php files (which will always be just /index.php)
# via factcgi PHP-FPM unix socket
location ~ \.php$ {
# At this point, $uri is /index.php, $args=any GET ?key=value and $request_uri = /restora/xyz.
# But we don't want to pass /restora/xyz to PHP-FPM, we want just /xyz to pass to fastcgi REQUESTE_URI below.
# This allows laravel to see /restora/xyz as just /xyz in its router.
# So laravel route('/xyz') responds to /restora/xyz as you would expect.
set $newurl $request_uri;
if ($newurl ~ ^/tposreport(.*)$) {
set $newurl $1;
root /var/www/msdsl/tposreport/public;
}
if ($newurl ~ ^/restora(.*)$) {
set $newurl $1;
root /var/www/msdsl/restora/public;
}
# Pass all PHP files to fastcgi php fpm unix socket
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Use php fpm sock which is installed on your machine like php7.2, php5.6
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
# Here we are telling php fpm to use updated route that we've created to properly
# response to laravel routes.
fastcgi_param REQUEST_URI $newurl;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
# Deny .ht* access
location ~ /\.ht {
deny all;
}
}`
Just copy and paste the same config into a new file
Name it the same as the subdomain you want it to run on
Give the path to the folder
Add the new subdomain to the hosts file
Restart nginx
Create 2 more servers in nginx. The first for /api (listen en 8080 for example), the other for /web (on 8081). Your main serveur (on 80/443) is then a proxy on the others :
upstream backend_api{
server 127.0.0.1:8080;
}
upstream backend_web{
server 127.0.0.1:8081;
}
server {
listen 80;
server_name www.example.com example.com;
location /api{
include proxy_params;
proxy_pass http://backend_api;
}
location / {
include proxy_params;
proxy_pass http://backend_web;
}
}
server {
listen 8080 default_server;
index index.php index.html index.htm;
root /app/api;
location ~ [^/]\.php(/|$) {
autoindex on;
autoindex_exact_size on;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
error_log stderr warn;
access_log /dev/stdout main;
client_max_body_size 10M; }
server {
listen 8081 default_server;
index index.php index.html index.htm;
root /app/web;
location ~ [^/]\.php(/|$) {
autoindex on;
autoindex_exact_size on;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
error_log stderr warn;
access_log /dev/stdout main;
client_max_body_size 10M;
}
compose up successfully and visit to the browser myapp.local, it will not load and it will go to google search. but if I type http://myapp.local it will load correctly. I think my Nginx is not doing good for redirecting. I already have in my etc/host
127.0.0.1 myapp.local
Here is my nginx
server {
listen 80;
listen [::]:80;
# For https
# listen 443 ssl;
# listen [::]:443 ssl ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
server_name myapp.local;
root /var/www/myapp/public;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
resolver 127.0.0.11;
set $upstream php:9000;
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass $upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
location /.well-known/acme-challenge/ {
root /var/www/letsencrypt/;
log_not_found off;
}
error_log /var/log/nginx/laravel_error.log;
access_log /var/log/nginx/laravel_access.log;
}
Thank you in advance
I am using nginx + php-fpm on my centos server and while I was trying to set up https, with nginx.conf revised, I find that only the 'index.php' cannot be properly accessed.
working:
https://ip/index.php
https://domain/*.php (* != index)
https://domain/*/*.php
http://ip/index.php
http://domain/index.php
not working:
https://domain/index.php
my nginx.conf looks like this:
server {
listen 443 default_server;
server_name localhost;
ssl on;
root /home/wwwroot/default;
index index.html index.htm;
ssl_certificate cert/*****.pem;
ssl_certificate_key cert/*****.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
root /home/wwwroot/default;
index index.html index.htm index.php;
}
location ~ [^/]\.php(/|$) {
root /home/wwwroot/default;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include fastcgi.conf;
}
}
I have trouble to run davical (php) web calendar. There is no errol log in nginx error logs. When is calendar under \ location everything work. But when i have calendar under /calendar location. it returns 404.
default server root is: /usr/share/nginx/html/default
calendar index.php path: /usr/share/nginx/html/calendar/davical/htdocs\index.php
os: Centos 7
server {
listen 80 default_server;
server_name my_domain_name;
return 301 https://$server_name$request_uri;
}
Https
server {
listen 443 ssl http2;
server_name my_domain_name;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
ssl on;
ssl_certificate "/etc/pki/tls/certs/nginx/certificate.pem";
ssl_certificate_key "/etc/pki/tls/certs/nginx/privatekey.pem";
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_tickets off;
ssl_dhparam "/etc/pki/tls/certs/nginx/dhparam.pem";
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
resolver 8.8.8.8 8.8.4.4;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate "/etc/pki/tls/certs/nginx/certificate.pem";
add_header Strict-Transport-Security "max-age=31536000;includeSubdomains; preload";
root /usr/share/nginx/html/default;
index index.php index.html index.htm;
include /etc/nginx/default.d/php-fpm.conf;
location /calendar {
alias /usr/share/nginx/html/calendar/davical/htdocs;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
php-fpm.conf
location ~ \.php$ {
try_files $uri =404;
fastcgi_param HTTPS on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include fastcgi_params;
}
Your existing location ~ \.php$ block serves the /usr/share/nginx/html/default root. You need a nested location to process PHP files under the /calendar URI.
Assuming that your calendar app is designed to work within a subfolder, this may work for you:
location ^~ /calendar {
alias /usr/share/nginx/html/calendar/davical/htdocs;
index index.php;
if (!-e $request_filename) {
rewrite ^ /calendar/index.php last;
}
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
Use the ^~ modifier to prevent the other location ~ \.php$ block from taking precedence (see this document for more). Use $request_filename, as it works with alias. Avoid using try_files with alias (see this issue).
EDITED!
I set up a mail server on Debian 7 with Nginx, Postfix, Postfixadmin, Dovecot and Roundcube.
I tried to create an alias to use the SSL certificate of my domain example.org (of course, the domain here is an example) for the webmail. When accessing the following URL https://example.org/support/webmail/ - Nginx doesn't redirect to the index.php file and I get the following message 403 Forbidden. It only works if I manually add a .php file at the end of the URL.
Here's my configuration:
server {
listen 80;
server_name example.org;
return 301 https://$server_name$request_uri;
}
server {
listen 80;
server_name www.example.org;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
ssl on;
server_name example.org;
root /var/www/soon;
server_tokens off;
ssl_certificate /etc/ssl/certs/example.org.certchain.crt;
ssl_certificate_key /etc/ssl/private/example.org.key;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
ssl_prefer_server_ciphers on;
# HSTS
add_header Strict-Transport-Security max-age=15768000;
location /support/webmail/ {
alias /var/www/webmail/;
autoindex off;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
# include fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
}
Thank you. :)
Solved.
Here's the configuration that works for me:
server {
listen 80;
server_name example.org;
return 301 https://$server_name$request_uri;
}
server {
listen 80;
server_name www.example.org;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
ssl on;
server_name example.org;
root /var/www/soon;
server_tokens off;
ssl_certificate /etc/ssl/certs/example.org.certchain.crt;
ssl_certificate_key /etc/ssl/private/example.org.key;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
ssl_prefer_server_ciphers on;
# HSTS
add_header Strict-Transport-Security max-age=15768000;
location /support/webmail/ {
alias /var/www/webmail/;
autoindex off;
index index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
}
Add the
location / {
try_files $uri $uri/ index.php;
}
part in the config that isnt working, and turn off autoindex.