We Keep Coding

traefik doesn't detect my container with nginx and php-fpm

I'm using traefik :
version: '3'
services:
traefik:
image: traefik:v2.9
# command: --api.insecure=true --providers.docker
command: --providers.docker
ports:
- "80:80"
- "8080:8080"
network_mode: "host"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./acme.json:/acme.json
command:
# We are going to use the docker provider
- --api.insecure=true
- "--providers.docker"
# Only enabled containers should be exposed
#- "--providers.docker.exposedByDefault=false"
# We want to use the dashbaord
- "--api.dashboard=true"
# The entrypoints we ant to expose
- "--entrypoints.web.address=:80"
- "--entrypoints.websecure.address=:443"
#- "--entrypoints.web.http.redirections.entryPoint.to=websecure"
# - "--entrypoints.web.http.redirections.entryPoint.scheme=https"
# - "--entrypoints.web.http.redirections.entrypoint.permanent=true"
- "--certificatesresolvers.letsencrypt.acme.email=$EMAIL"
- "--certificatesresolvers.letsencrypt.acme.storage=acme.json"
# used during the challenge
And separately another docker-compose.yml with database, mailserver, nginx+php-fpm:
version: "3"
services:
database:
build:
context: ./database
environment:
MYSQL_DATABASE: '${MYSQL_DATABASE}'
MYSQL_USER: '${MYSQL_USER}'
MYSQL_PASSWORD: '${MYSQL_PASSWORD}'
MYSQL_ROOT_PASSWORD: '${MYSQL_ROOT_PASSWORD}'
volumes:
- ./database/data:/var/lib/mysql
restart: always
php-http:
build:
context: ../
dockerfile: ./docker/php-nginx/Dockerfile
args:
DOMAIN: '${DOMAIN}'
depends_on:
- database
- mailserver
volumes:
- ./nginxlogs/:/var/log/nginx/
- './symfonylogs:/var/www/html/mystuff/var/log/'
#labels:
# - traefik.http.routers.php-http.tls=true
# - traefik.http.routers.php-http.tls.certresolver=letsencrypt
# - traefik.http.services.php-http.loadbalancer.server.port=8080
# - traefik.enable=true
# - traefik.http.routers.php-http.rule=Host(`mystuff.com`, `mystuff2.com`)
# - 'traefik.http.routers.php-http.tls.domains[0].main=mystuff.com'
# - 'traefik.http.routers.php-http.tls.domains[1].main=mystuff2.com'
restart: always
mailserver:
[stuffs]
The dockerfile for nginx/php-fpm is based on https://github.com/TrafeX/docker-php-nginx/tree/1.10.0.
But I made a few changes in the config.
The nginx.conf :
worker_processes auto;
error_log stderr warn;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# Define custom log format to include reponse times
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$request_time $upstream_response_time $pipe $upstream_cache_status';
access_log /dev/stdout main_timed;
error_log /dev/stderr notice;
keepalive_timeout 65;
# Write temporary files to /tmp so they can be created as a non-privileged user
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
# Default server definition
server {
listen [::]:8080 default_server;
listen 8080 default_server;
server_name _;
sendfile off;
root /var/www/html;
index index.php index.html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# Redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/lib/nginx/html;
}
# Pass the PHP scripts to PHP-FPM listening on 127.0.0.1:9000
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
expires 5d;
}
# Deny access to . files, for security
location ~ /\. {
log_not_found off;
deny all;
}
# Allow fpm ping and status from localhost
location ~ ^/(fpm-status|fpm-ping)$ {
access_log off;
allow 127.0.0.1;
# deny all;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
}
}
gzip on;
gzip_proxied any;
gzip_types text/plain application/xml text/css text/js text/xml application/x-javascript text/javascript application/json application/xml+rss;
gzip_vary on;
gzip_disable "msie6";
# Include other server configs
include /etc/nginx/conf.d/*.conf;
}
my website config :
server {
listen [::]:8080 default_server;
listen 8080 default_server;
server_name mystuff.com mystuff2.com;
root /var/www/html/mystuff/public;
location / {
# try to serve file directly, fallback to index.php
try_files $uri /index.php$is_args$args;
}
# optionally disable falling back to PHP script for the asset directories;
# nginx will return a 404 error when files are not found instead of passing the
# request to Symfony (improves performance but Symfony's 404 page is not displayed)
# location /bundles {
# try_files $uri =404;
# }
location ~ ^/index\.php(/|$) {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
# optionally set the value of the environment variables used in the application
# fastcgi_param APP_ENV prod;
# fastcgi_param APP_SECRET <app-secret-id>;
# fastcgi_param DATABASE_URL "mysql://db_user:db_pass#host:3306/db_name";
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
# Caveat: When PHP-FPM is hosted on a different machine from nginx
# $realpath_root may not resolve as you expect! In this case try using
# $document_root instead.
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/index.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
# return 404 for all other php files not matching the front controller
# this prevents access to other php files you don't want to be accessible.
location ~ \.php$ {
return 404;
}
location ~ ^/(fpm-status|fpm-ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}
www.conf:
[global]
; Log to stderr
error_log = /dev/stderr
[www]
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
; a specific port;
; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses
; (IPv6 and IPv4-mapped) on a specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php/php7.4-fpm.sock
listen.owner = nobody
listen.group = nobody
listen.mode = 0660
user = nobody
group = nobody
; Enable status page
pm.status_path = /fpm-status
; Ondemand process manager
pm = ondemand
; The number of child processes to be created when pm is set to 'static' and the
; maximum number of child processes when pm is set to 'dynamic' or 'ondemand'.
; This value sets the limit on the number of simultaneous requests that will be
; served. Equivalent to the ApacheMaxClients directive with mpm_prefork.
; Equivalent to the PHP_FCGI_CHILDREN environment variable in the original PHP
; CGI. The below defaults are based on a server without much resources. Don't
; forget to tweak pm.* to fit your needs.
; Note: Used when pm is set to 'static', 'dynamic' or 'ondemand'
; Note: This value is mandatory.
pm.max_children = 100
; The number of seconds after which an idle process will be killed.
; Note: Used only when pm is set to 'ondemand'
; Default Value: 10s
pm.process_idle_timeout = 10s;
; The number of requests each child process should execute before respawning.
; This can be useful to work around memory leaks in 3rd party libraries. For
; endless request processing specify '0'. Equivalent to PHP_FCGI_MAX_REQUESTS.
; Default Value: 0
pm.max_requests = 1000
; Make sure the FPM workers can reach the environment variables for configuration
clear_env = no
; Catch output from PHP
catch_workers_output = yes
; Remove the 'child 10 said into stderr' prefix in the log and only show the actual message
decorate_workers_output = no
; Enable ping page to use in healthcheck
ping.path = /fpm-ping
Among other things, I made it listen to /var/run/php/php7.4-fpm.sock instead of the localhost.
Result : if I try to reach my website, I get a "404 page not found". Without traefik it seems to work (in http).
On the dashboard of traefik, I can see that traefik detect the containers of my database and mailserver, but not php-nginx. It's not in the list.
Update :
php-http_1 | 2023-01-22 16:27:56,736 CRIT Supervisor is running as root. Privileges were not dropped because no user is specified in the config file. If you intend to run as root, you can set user=root in the config file to avoid this message.
php-http_1 | 2023-01-22 16:27:56,739 INFO supervisord started with pid 1
php-http_1 | 2023-01-22 16:27:57,742 INFO spawned: 'nginx' with pid 7
php-http_1 | 2023-01-22 16:27:57,744 INFO spawned: 'php-fpm' with pid 8
php-http_1 | nginx: [emerg] a duplicate default server for [::]:8080 in /etc/nginx/conf.d/symfony-nginx.conf:2
php-http_1 | 2023-01-22 16:27:57,754 INFO exited: nginx (exit status 1; not expected)
php-http_1 | 2023-01-22 16:27:57,755 INFO gave up: nginx entered FATAL state, too many start retries too quickly
php-http_1 | [22-Jan-2023 16:27:57] NOTICE: PHP message: PHP Warning: PHP Startup: Unable to load dynamic library 'pdo_mysql' (tried: /usr/lib/php7/modules/pdo_mysql (Error loading shared library /usr/lib/php7/modules/pdo_mysql: No such file or directory), /usr/lib/php7/modules/pdo_mysql.so (Error relocating /usr/lib/php7/modules/pdo_mysql.so: pdo_throw_exception: symbol not found)) in Unknown on line 0
php-http_1 | [22-Jan-2023 16:27:57] NOTICE: fpm is running, pid 8
php-http_1 | [22-Jan-2023 16:27:57] NOTICE: ready to handle connections
php-http_1 | 2023-01-22 16:27:58,792 INFO success: php-fpm entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
docker ps:
713bd86c922d docker_php-http "/usr/bin/supervisor…" 2 minutes ago Up 2 minutes (unhealthy) 8080/tcp docker_php-http_1
f80676dda336 docker_database "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 3306/tcp, 33060/tcp docker_database_1
a4a50d91722d docker_mailserver "/usr/bin/entrypoint…" 2 minutes ago Up 2 minutes (healthy) 25/tcp, 110/tcp, 143/tcp, 465/tcp, 587/tcp, 993/tcp, 995/tcp, 4190/tcp mailserver
I tried billions of small changes, nothing works. I'm getting quite desperate. I had made another build with apache instead of nginx, it works perfectly. I have no idea what's going on. Does anyone has any idea?
Thank you
Update : okay we can see in the docker ps that it's noted as unhealthy. I assume it's related.
In the original docker image, there is this :
HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping
I assume it's not correct anymore after my changes.

geting error when i tired open theme.editor.php

i tried to open https://isin.ir/wp-admin/theme-editor.php and customize my theme
i get error
Request Timeout
This request takes too long to process, it is timed out by the server. If it should not be timed out, please contact administrator of this web site to increase 'Connection Timeout'.
the thing i did
increase max_execution_time in php.ini
add define( 'DISALLOW_FILE_EDIT', false ); to wp-config.php
when i chang theme this problem was solved

hi in my opinion if you use this code your problem fix
server {
listen 4050;
listen [::]:4050;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/deltatechco.ir;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name deltatechco.ir www.deltatechco.ir;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}

Configure nginx to run subsites

I was able to set up nginx server blocks as per tutorials. When I try to access the sites through the respective domain names I am directed to the same site.
I have been trying to multiple the subsite of /site1 under localhost in windows.
nginx.conf
#user nobody;
# worker_processes 1;
worker_processes auto;
# error_log logs/error.log;
# error_log logs/error.log notice;
# error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root H:\www\html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root H:\www\html;
}
# this is the default server
location = /site1 {
return 301 /site1/;
}
location ^~ /site1/ {
root H:\www\html\drupal-8.1.10;
index index.php;
}
location ~ /site1/\.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9123;
fastcgi_index index.php;
include fastcgi_params;
}
}
}
www directory:
H:\www\html>tree /f
Folder PATH listing for volume 975
Volume serial number is 0000-043C
H:.
│ 50x.html
│ index.html
│ drupal.tar.gz
│
└───drupal-8.1.10
index.php
The potential URL should be:
localhost
localhost/site1
Thanks

In Windows use:
nginx path on the same drive e.g:
H:/nginx
pid full absolute path e.g:
pid H:/nginx/logs/nginx.pid;
error logs enable e.g (uncoment):
error_log logs/error.log;
error_log logs/error.log notice;
error_log logs/error.log info;
set|enable output log format
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
correct root into server block is (in double ""):
server{
location /{
root "H:/nginx/www/html";
}
}
correct php fastCGI params e.g:
server{
location ~ /site1/\.php$ {
root www/html/site1
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME C:/nginx/www/html/site1$fastcgi_script_name;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
include fastcgi_params;
}
}
Well I think that's it.
All root settings must be enclosed in double quotes and normal bar (/) do not forget to see the log of errors ... it says a lot :)
My sample configuration:
init.bat (to start|close service)[can not serve you]
#ECHO OFF
TITLE LOCALHOST SERVICE
REM GO TO NGINX DIR
CD C:/nginx
TASKLIST /FI "IMAGENAME eq nginx.exe" | FIND /I "nginx.exe" > NUL && (GOTO STOP) || (GOTO START)
:START
ECHO.
ECHO ---------------------------- STARTING NGINX SERVER ----------------------------
ECHO.
REM START NGINX SERVICE
START/MIN nginx.exe
ECHO.
ECHO ----------------------------- STARTER PHP SERVICE -----------------------------
ECHO.
REM START PHP SERVICE (FOR NGINX)
php/php-cgi.exe -b 127.0.0.1:9000 -c C:/nginx/php/php.ini
REM GO TO "END" BLOCK FOR DON'T EXECUTE "STOP" BLOCK ¬¬
GOTO END
:STOP
REM QUIT|STOP NGINX SERVICE
REM OLD-COMMAND: START nginx.exe -s quit
TASKKILL /F /IM nginx.exe > NUL
REM STOP PHP SERVICE
TASKKILL /F /IM php-cgi.exe > NUL
GOTO END
:END
Ok the init.bat file lets you start or stop nginx and php with just a double-click simple.
You can add it there someone icon and place it in such work area.
Assuming php run in a subdirectory nginx would have the following structure:
// System hard drive (in my case)
---C:
| // nginx path
|--------nginx
|
|---nginx.exe //executable
|
|---conf // configurations path
|
|---logs // logs path
|
|---pid // path to pid your proccess
|
|---html // path to your server (or blocks)
|
|---mime.types // archive list mime types
|
|---init.bat // optinal
A good practice is to use server-blocks even if they do not use subdomains.
For this create a folder in "C:/nginx/conf" called "sites-enabled" and make a "backup" of your nginx configuration file "C:/nginx/conf/nginx.conf" for such "nginx.conf.bk".
The new configuration file would look like this:
nginx.conf (modified)
# Configuration File - Nginx Server Configs
# http://nginx.org/en/docs/dirindex.html
# Run as a unique, less privileged user for security reasons.
# user www www;
# Sets the worker threads to the number of CPU cores available in the system for best performance.
# Should be > the number of CPU cores.
# Maximum number of connections = worker_processes * worker_connections
worker_processes auto;
# Maximum number of open files per worker process.
# Should be > worker_connections.
worker_rlimit_nofile 8192;
events {
# If you need more connections than this, you start optimizing your OS.
# That's probably the point at which you hire people who are smarter than you as this is *a lot* of requests.
# Should be < worker_rlimit_nofile.
worker_connections 8000;
}
# Log errors and warnings to this file
# This is only used when you don't override it on a server{} level
error_log logs/error.log warn;
# The file storing the process ID of the main process
pid C:/nginx/pids/nginx.pid;
http {
# Hide nginx version information.
server_tokens off;
# Specify MIME types for files.
include mime.types;
default_type application/octet-stream;
# Update charset_types to match updated mime.types.
# text/html is always included by charset module.
charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml;
# Include $http_x_forwarded_for within default format used in log files
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Log access to this file
# This is only used when you don't override it on a server{} level
access_log logs/access.log main;
# How long to allow each connection to stay idle.
# Longer values are better for each individual client, particularly for SSL,
# but means that worker connections are tied up longer.
keepalive_timeout 20s;
# Speed up file transfers by using sendfile() to copy directly
# between descriptors rather than using read()/write().
# For performance reasons, on FreeBSD systems w/ ZFS
# this option should be disabled as ZFS's ARC caches
# frequently used files in RAM by default.
sendfile on;
# Don't send out partial frames; this increases throughput
# since TCP frames are filled up before being sent out.
tcp_nopush on;
# Enable gzip compression.
gzip on;
# Compression level (1-9).
# 5 is a perfect compromise between size and CPU usage, offering about
# 75% reduction for most ASCII files (almost identical to level 9).
gzip_comp_level 5;
# Don't compress anything that's already small and unlikely to shrink much
# if at all (the default is 20 bytes, which is bad as that usually leads to
# larger files after gzipping).
gzip_min_length 256;
# Compress data even for clients that are connecting to us via proxies,
# identified by the "Via" header (required for CloudFront).
gzip_proxied any;
# Tell proxies to cache both the gzipped and regular version of a resource
# whenever the client's Accept-Encoding capabilities header varies;
# Avoids the issue where a non-gzip capable client (which is extremely rare
# today) would display gibberish if their proxy gave them the gzipped version.
gzip_vary on;
# Compress all output labeled with one of the following MIME-types.
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
# text/html is always compressed by gzip module
# This should be turned on if you are going to have pre-compressed copies (.gz) of
# static files available. If not it should be left off as it will cause extra I/O
# for the check. It is best if you enable this in a location{} block for
# a specific directory, or on an individual server{} level.
# gzip_static on;
# Include files in the sites-enabled folder. server{} configuration files should be
# placed in the sites-available folder, and then the configuration should be enabled
# by creating a symlink to it in the sites-enabled folder.
# See doc/sites-enabled.md for more info.
include C:/nginx/conf/sites-enabled/*.conf;
}
Note that the end of this example we "including" all files ".conf" of "sites-enabled" folder.
If you do not use server-blocks you can simply create a file "default.conf" that will have your server settings.
Something like this:
default.conf (example)
server {
listen 80;
keepalive_timeout 300s;
# define path to this project
root "C:/nginx/html/your_path_here";
# Specify a charset
charset utf-8;
# define your server name
server_name localhost;
index index.php index.html;
autoindex off;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 ------------------------------
#
location ~ \.php$ {
# root for PHP FASTCGI MAPING
root html/your_path_here;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME C:/nginx/html/your_path_here$fastcgi_script_name;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
include fastcgi_params;
}
# Prevent clients from accessing hidden files (starting with a dot) -------------------
# This is particularly important if you store .htpasswd files in the site hierarchy
# Access to `/.well-known/` is allowed.
# https://www.mnot.net/blog/2010/04/07/well-known
# https://tools.ietf.org/html/rfc5785
location ~* /\.(?!well-known\/) {
deny all;
}
# Prevent clients from accessing to backup/config/source files ------------------------
location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
deny all;
}
# Expire rules for static content -----------------------------------------------------
# No default expire rule. This config mirrors that of apache as outlined in the
# html5-boilerplate .htaccess file. However, nginx applies rules by location,
# the apache rules are defined by type. A consequence of this difference is that
# if you use no file extension in the url and serve html, with apache you get an
# expire time of 0s, with nginx you'd get an expire header of one month in the
# future (if the default expire rule is 1 month). Therefore, do not use a
# default expire rule with nginx unless your site is completely static
# cache.appcache, your document html and data -----------------------------------------
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
expires -1;
access_log logs/static.log;
}
# Feed --------------------------------------------------------------------------------
location ~* \.(?:rss|atom)$ {
expires 1h;
add_header Cache-Control "public";
}
# Media: images, icons, video, audio, HTC ---------------------------------------------
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript ------------------------------------------------------------------
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
# WebFonts ----------------------------------------------------------------------------
# If you are NOT using cross-domain-fonts.conf, uncomment the following directive
# location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
# expires 1M;
# access_log off;
# add_header Cache-Control "public";
# }
}
For local development is a good choice to set cache negatito (-1) to always update to load the page.
Note that the configuration shown here is just an example and you may (or may not) use them.
Also note that by defining a root directory I put "your_path_here" replace as your real directory name.
This directory must be inside the folder "html" in "C:/nginx/html/".
To create a server-block to "site1" create a new configuration file in "sites-enabled" with any name and point to the corresponding root directory, this assuming your hosts file ("C:/Windows/System32/drives/etc/") has "site1" to "127.0.0.1" or subdomain is set to localhost (127.0.0.1 site1.localhost)

i Use
location ~ \.php$ {
root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME C:/nginx-0.7.60/html$fastcgi_script_name; #this is the one line for edition
include fastcgi_params;
}
C:\PHP5\php-cgi.exe -b 127.0.0.1:9000

nginx rewriting with drupal windows

this is the first time i use nginx , and i have two problems with it,
the first one is that i want to redirect http://localhost/project automatically to http://localhot/project/en/ and en is subdirectory on project.
The second problem : in localhost/project/en/ i can see the index.php i mean the main page but every redirecting from the project give me 404 not found like localhost/project/en/people/ or
localhost/project/en/people/article1
NB : i use nginx in windows with drupal and . here is my configuration:
worker_processes 1;
events {
worker_connections 1024;
}
http {
server_tokens on;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
ssi off;
#Timeouts
client_body_timeout 5;
client_header_timeout 5;
keepalive_timeout 25 25;
send_timeout 15s;
resolver_timeout 3s;
#Directive sets timeout period for connection with FastCGI-server. It should be noted that this value can't exceed 75 seconds.
fastcgi_connect_timeout 5s;
#Directive sets the amount of time for upstream to wait for a fastcgi process to send data. Change this directive if you have long running fastcgi processes that do not produce output until they have finished processing. If you are seeing an upstream timed out error in the error log, then increase this parameter to something more appropriate.
fastcgi_read_timeout 400s;
#Directive specifies request timeout to the server. The timeout is calculated between two write operations, not for the whole request. If no data have been written during this period then serve closes the connection.
fastcgi_send_timeout 150s;
fastcgi_buffers 8 32k;
fastcgi_buffer_size 32k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
open_file_cache off;
#php max upload limit cannot be larger than this
client_max_body_size 8m;
####client_body_buffer_size 1K;
client_header_buffer_size 1k;
large_client_header_buffers 2 1k;
types_hash_max_size 2048;
include nginx.mimetypes.conf;
default_type text/html;
##
# Logging Settings
##
access_log "c:/wt-nmp/log/nginx_access.log";
error_log "c:/wt-nmp/log/nginx_error.log" warn; #debug or warn
log_not_found on; #enables or disables messages in error_log about files not found on disk.
rewrite_log off;
#Leave this off
fastcgi_intercept_errors off;
gzip off;
index index.php index.htm index.html;
server {
listen 127.0.0.1:80 default_server;
#listen [::1]:80 ipv6only=on;
server_name localhost;
root "c:/wt-nmp/www/";
autoindex on;
allow 127.0.0.1;
#allow ::1;
deny all;
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
# deny all;
}
location /project {
index index.php;
try_files $uri $uri/ #handler;
}
location #handler { rewrite / /project/en/index.php; }
location ~ ^/en/ {
root "c:/wt-nmp/www/project";
try_files $uri $uri/ /en/index.php?$args;
}
#tools are now served from wt-nmp/include/tools/
location ~ ^/tools/.*\.php$ {
root "c:/wt-nmp/include";
try_files $uri =404;
include nginx.fastcgi.conf;
fastcgi_pass php_farm;
}
location ~ ^/tools/ {
root "c:/wt-nmp/include";
}
location ~ \.php$ {
# try_files $uri =404;
# fastcgi_pass php_farm;
fastcgi_pass 127.0.0.1:9000;
include nginx.fastcgi.conf;
}
}
include domains.d/*.conf;
include nginx.phpfarm.conf;
}

WPN-XM Server Stack
Installation Instructions for Drupal 7
with "Clean URLs"
Installation Steps:
Download http://ftp.drupal.org/files/projects/drupal-7.34.zip
Extract into c:\wpn-xm\www
rename versionized folder to just "drupal" = full path to drupal = c:\wpn-xm\www\drupal
run drupal install - http://localhost/drupal/install.php
activate missing PHP extensions: maybe gd2, mbstring, then restart php
reload install page, all green, proceed to database dialog
before filling the database dialog, create database "drupal" in adminer, then use that as db in dialog
proceed with install steps until done
Browse: http://localhost/drupal/
Ok, you just installed Drupal on localhost.
URL Rewriting and Clean URLs Steps:
After the installation, 3 things are needed to get short URLs working:
provide new host "http://drupal.dev"
add a Nginx Configuration for URL rewriting
enabling "Clean URLs" in the Drupal Configuration
Important Notice
The short/nice/clean URLs work only for URLs starting with
"http://drupal.dev/" not for "localhost". Using megaphone: not working
with "http://localhost/..." - use "http://drupal.dev/...".
Add "drupal.dev" to hosts file
You need to add "drupal.dev" to your "hosts" file.
manually or
via the WPN-XM Server Control Panel - Steps:
right-click tray icon - "Manage Hosts"
"Add" - Data "127.0.01" "drupal.dev"
Click Ok.
The Windows Permissions Dialog pops up.
Click Ok, to allow writing to the "hosts" file.
If Anti-Virus tool blocks writing to the hosts file, disable AV it, repeat the steps, enable it again.
Check: http://drupal.dev/?q=admin - ok
-
**Add a Nginx server block for Drupal7 **
Use the following Nginx config file to activate rewriting URLs:
https://github.com/WPN-XM/software/blob/master/nginx/config/conf/domains-disabled/drupal7.conf
You might use an include directive in your main nginx.conf to load it.
Restart or rehash Nginx to activate the new configuration.
You can now start using the URL "http://drupal.dev" in your browser.
Important is the the following directive in your server block
# Make site accessible from http://drupal.dev/
server_name drupal.dev;
and the rewrite rule rewrite ^/(.*)$ /index.php?q=$1;.
Check: http://drupal.dev/admin
Activate "Clean URLs" in Drupal Configuration
Testing "Clean URLs"
http://drupal.dev/admin/config/search/clean-urls/check
Response: {"status":true}
Enabling "Clean URLs" (b)
http://drupal.dev/admin/config/search/clean-urls
Check Checkbox & Save.
Links in the menu should appear in "Clean URL" form without "?q=".
Final Checks:
Hover links in the menu and check for short URLs. - ok
http://drupal.dev/admin - ok
http://drupal.dev/user/login - ok
Done.

Laravel4-nginx-fpm file not found on rewrite

Hello I am using laravel 4 on Nginx with FastCGI, I am pretty new to Nginx and FastCGI.
The situation is when I use the urls as $doc_root/index.php?my_uri it works but when I try pretty URLs it does not work.
this is my nginx configuration
server {
listen 80;
server_name localhost;
rewrite_log on;
index index.php;
root /home/mostafa/public_html;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
#pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~* \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /home/mostafa/public_html$fastcgi_script_name;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
location ~* \.(?:ico|css|js|jpe?g|JPG|png|svg|woff)$ {
expires 365d;
}
}
and this is my FastCGI file
;prefix = /path/to/pools/$pool
; Unix user/group of processes
; Note: The user is mandatory. If the group is not set, the default user's group
; will be used.
user = www-data
group = www-data
; The address on which to accept FastCGI requests.
; Valid syntaxes are:
; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on
; a specific port;
; 'port' - to listen on a TCP socket to all addresses on a
; specific port;
; '/path/to/unix/socket' - to listen on a unix socket.
; Note: This value is mandatory.
listen = /var/run/php5-fpm.sock
The case is when I try a url like this
http://localhost/laravel-master/public/index.php?current it works and when I try it with out the index.php it does not work, and gives a file not found and in error log it says
FastCGI sent in stderr: "Primary script unknown" while reading
although according to this tutorial it should work
http://daylerees.com/nginx-configuration-for-daylerees-dot-com

Ok after searching for a few while and so many try outs, I found that the error was in my nginx config document root, it must be set to laravel-master/public/
The error I was getting was because the rewritten URLs were forwarded to $document_root/index.php which is localhost/index.php which of course does not exist, so changing the document root to my laravel master did the trick and the URLs where rewritten to localhost/laravel-master/public/index.php