Nginx

De MochilaWiki

instalando Nginx

apt-get install libpcre3-dev libssl-dev build-essential
cd /usr/src
wget -c http://nginx.org/download/nginx-0.8.54.tar.gz
tar zxvf nginx-0.8.54.tar.gz
cd nginx-0.8.54/
./configure --prefix=/usr/local/nginx --user=www-data --group=www-data \
--without-mail_pop3_module --without-mail_imap_module --with-sha1=/usr/lib \
--without-mail_smtp_module --with-http_stub_status_module \
--with-http_ssl_module --http-log-path=/var/log/nginx/access.log \
--conf-path=/etc/nginx/nginx.conf  --pid-path=/var/run/nginx.pid \
--with-http_sub_module --with-http_ssl_module --with-http_gzip_static_module \
--with-http_stub_status_module
make
make install
cd /usr/src
wget http://pub.nkosi.org/nginx/iredmail/nginx-init
wget http://pub.nkosi.org/iredmail/nginx-logrotate
wget http://pub.nkosi.org/iredmail/nginx.conf
mkdir /etc/nginx/sites-enabled
mv nginx.conf /etc/nginx/
mv nginx-init /etc/init.d/nginx
mv nginx-logrotate /etc/logrotate.d/nginx
chmod 755 /etc/init.d/nginx
update-rc.d nginx defaults

iniciando serviços

/etc/init.d/nginx start

cgi

para aplicações que ficam em /usr/lib/cgi-bin

apt-get install fcgiwrap
        location /cgi-bin/ {
                gzip off;
                root  /usr/lib;
                fastcgi_pass  unix:/var/run/fcgiwrap.socket;
                include /etc/nginx/fastcgi_params;
                fastcgi_param SCRIPT_FILENAME  /usr/lib$fastcgi_script_name;
        }


com php - spawn-fcgi

apt-get install php5-cgi
wget http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz
tar -xf spawn*
cd spawn*
./configure
make
cp src/spawn-fcgi /usr/bin/spawn-fcgi
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-bin
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-init
mv php-fastcgi-bin /usr/bin/php-fastcgi
mv php-fastcgi-init /etc/init.d/php-fastcgi
echo cgi.fix_pathinfo = 1 >> /etc/php5/cgi/php.ini
chmod a+x /usr/bin/php-fastcgi
chmod 755 /etc/init.d/php-fastcgi
update-rc.d php-fastcgi defaults
/etc/init.d/php-fastcgi start

com perl

apt-get install libfcgi-perl
wget http://pub.nkosi.org/nginx/fastcgi-wrapper.pl-text
wget http://pub.nkosi.org/nginx/perl-fastcgi
mv perl-fastcgi /etc/init.d/
mv fastcgi-wrapper.pl-text /usr/bin/fastcgi-wrapper.pl
chmod a+x /usr/bin/fastcgi-wrapper.pl
chmod 755 /etc/init.d/perl-fastcgi
update-rc.d perl-fastcgi defaults
/etc/init.d/perl-fastcgi start

sintaxe para nginx.conf

em nginx.conf:

user www-data;
worker_processes  1;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    access_log  /var/log/nginx/access.log;
    sendfile        on;
    keepalive_timeout  65;
    tcp_nodelay        on;
    gzip  on;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_proxied any;
    gzip_min_length  1100;
    gzip_buffers 16 8k;
    gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript image/gif image/jpeg image/png;
    gzip_disable "MSIE [1-6].(?!.*SV1)";
    gzip_vary on;

    include /etc/nginx/sites-enabled/*;
}

vhost simples - em /etc/nginx/sites-enabled/pub.nkosi.net

    server {
        listen          80;
        server_name pub.nkosi.net;

        location / {
                root   /var/www/quijaua.com.br/pub/;
                index  index.html;
        }
  }

acrescentando log

access_log   /var/log/nginx/quijaua.com.br/pub/access.log;
error_log  /var/log/nginx/quijaua.com.br/pub/error.log info;

e para cada domínio cria o respectivo diretório

mkdir -p /var/log/nginx/quijaua.com.br/pub/

Desativa visualização de .htaccess & .htpassword

location ~ /\.ht {
   deny  all;
}

rodando php

        location / {
            root   /usr/share/apache2/;
            index  index.php index.html;
        }

         location ~ \.php$ {
            root            /usr/share/apache2/;
            include         fastcgi_params;
            fastcgi_pass    127.0.0.1:9000;
            fastcgi_index   index.php;
            fastcgi_param   SCRIPT_FILENAME /usr/share/apache2$fastcgi_script_name;
            fastcgi_param SERVER_NAME $http_host;
            fastcgi_ignore_client_abort on;
        }

redirecionamento

        location / {
                rewrite ^ https://mail.elegbara.net/webmail permanent;
        }

ou

        location = /direotorio/login.php {
                return 301 http://novoendereco.com.br/login.php;
        }


listando itens de um diretório - simples

location  /  {
  root   /var/www/pub/;
  autoindex  on;
  autoindex_exact_size on
}

listando itens de um diretório - fancyindex baixe o pacote ngx-fancyindex-0.3 e acrescente em "configure" --add-module=ngx-fancyindex-0.3

location  /  {
  root   /var/www/pub/;
  fancyindex on;
  fancyindex_exact_size off;
}

rodando perl/cgi

        location ~ ^/cgi-bin/.*\.pl$ {
                gzip off;
                fastcgi_pass  127.0.0.1:9000;
                include fastcgi_params;
                fastcgi_index cgi-bin.php;
                fastcgi_param SCRIPT_FILENAME /usr/share/apache2/cgi-bin.php;
                fastcgi_param SCRIPT_NAME /cgi-bin/cgi-bin.php;
                fastcgi_param X_SCRIPT_FILENAME /usr/lib$fastcgi_script_name;
                fastcgi_param X_SCRIPT_NAME $fastcgi_script_name;
        }
        location ~  \.pl$ {
                gzip off;
                fastcgi_pass  127.0.0.1:8999;
                fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_param SCRIPT_NAME awstats.pl;
        }

Para deixar publico a pasta /usr/share/doc

        location /doc {
                root   /usr/share;
        }

Ou um arquivo no caminho /srv/hatchepsut/nginx-powered.png

        location = /nginx-powered.png {
                root   /srv/hatchepsut;
                access_log   off;
        }

Alias

	location ^~ /phppgadmin {
        	alias /usr/share/phppgadmin/;
	}

Reescrita

        location /old_stuff/ {
            rewrite   ^/old_stuff/(.*)$  /new_stuff/$1  permanent;
        }

entrada para log

  log_format   main '$remote_addr - $remote_user [$time_local]  $status '
    '"$request" $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';
                #permite o acesso para o ip         
                allow 127.0.0.1;

                #nega o acesso para todos
                deny all;

                #permite listar conteúdo da pasta
                autoindex on;

                #codificação da página
		charset utf-8; 
		charset         on;

                #não gera log
		access_log   off;

                #expira em 30 dias
		expires      30d;

                #restrição por senha - htpasswd
		auth_basic            "Restricted";
		auth_basic_user_file  /etc/awstats/webstats.example.com.htpasswd;

		client_body_buffer_size     128K;
		client_header_buffer_size   128K;
		client_max_body_size          1M;
		large_client_header_buffers 1 1k;
		error_page  404  /404.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~* ^.+\.(css|js)$ {
root /folder/to/static/files;
expires 30d;
}
location ~* \.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|tar|wav|bmp|rtf|swf|ico|flv|txt|xml|docx|xlsx)$ {
  root /srv/hatchepsut/;
  index index.php;
  access_log off;
  expires 30d;
 }

páginas de erro

	error_page 404 /index.php; 
	error_page 403 /403.html; 

	location ^~ /error_images/ { 
	root   /var/www/static_pages/error_pages; 
	access_log        off; 
	expires           30d; 
	} 


	location = /403.html { 
  	root   /var/www/static_pages/error_pages; 
	} 

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
                root   /var/www/nginx-default;
        }

      error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497
                 500 501 502 503 504 505 506 507 /error_page.html;
      location  /error_page.html {
          internal;

userdir

location ~ ^/~(.+?)(/.*)?$ {
      alias /home/$1/public_html$2;
      autoindex on;
}

definindo um vhost como padrão do servidor - nginx

server {
listen 80 default;
}

tamanho do arquivo para upload nginx+php-fpm

acrescente os valores em /etc/php5/fpm/domain.tld.conf

max_execution_time = 240
upload_max_filesize = 32M
post_max_size = 32M
memory_limit = 32M

o arquivo de configuração do site /etc/nginx/sites-enabled/domain.tld fica

server {
        server_name domain.tld www.domain.tld;
        root /var/www/project;
        index  index.html index.php;
        client_header_timeout 240;
        client_body_timeout 240;
        fastcgi_read_timeout 240;
        client_max_body_size 32m;
        client_body_buffer_size 128k;

        location ~ \.php$ {
		fastcgi_param PHP_VALUE "upload_max_filesize = 32M \n post_max_size=33M";
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php ;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }

}

arquivos SSI

location /reportagens/ {
        ssi on;
        ssi_last_modified on;
        ssi_min_file_chunk 1k;
        ssi_silent_errors off;
#       ssi_types text/html;
        ssi_value_length 256;
        root /var/www/reportagens/public_html/;
        index 01.shtml ;

     location ~ \.shtml$ {
         fastcgi_pass   127.0.0.1:9001;
         fastcgi_index  index.shtml;
         include fastcgi_params;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     }

}


proxy

No caso de ter uma aplicação rodando em http://quijaua.net/bantu/galeria ficou assim

ajuste no apache

<VirtualHost *:81>
        ServerName galeriainterna.net
        DirectoryIndex index.php
        DocumentRoot /var/www/html/galeria/public_html/cms/
        ErrorLog /var/log/apache2/galeria-error.log
        CustomLog /var/log/apache2/galeria-access.log common
</VirtualHost>

altere em 80 para 81 em /etc/apache2/ports.conf

sed 's/80/81/g' /etc/apache2/ports.conf


ajuste no nginx

server {
     listen          80;
     server_name quijaua.net;
     root  /var/www/html/galeria/public_html/cms;

     index      index.php;
     access_log /var/log/nginx/galeria.access.log main;
     error_log /var/log/nginx/galeria.error.log info;

     location /bantu/galeria {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass      http://galeriainterna.net:81;
     }
}