Mudanças entre as edições de "Nginx"
(49 revisões intermediárias por 2 usuários não estão sendo mostradas) | |||
Linha 1: | Linha 1: | ||
− | + | == instalando Nginx == | |
− | + | <source lang="bash"> | |
− | + | apt-get install libpcre3-dev libssl-dev build-essential | |
− | + | cd /usr/src | |
− | + | wget -c http://nginx.org/download/nginx-0.8.54.tar.gz | |
− | + | tar zxvf nginx-0.8.54.tar.gz | |
− | + | cd nginx-0.8.54/ | |
− | + | ./configure --prefix=/usr/local/nginx --user=www-data --group=www-data \ | |
− | + | --without-mail_pop3_module --without-mail_imap_module --with-sha1=/usr/lib \ | |
− | + | --without-mail_smtp_module --with-http_stub_status_module \ | |
− | + | --with-http_ssl_module --http-log-path=/var/log/nginx/access.log \ | |
− | + | --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid \ | |
− | + | --with-http_sub_module --with-http_ssl_module --with-http_gzip_static_module \ | |
− | + | --with-http_stub_status_module | |
− | + | make | |
− | + | make install | |
− | + | cd /usr/src | |
− | + | wget http://pub.nkosi.org/nginx/iredmail/nginx-init | |
− | + | wget http://pub.nkosi.org/iredmail/nginx-logrotate | |
− | + | wget http://pub.nkosi.org/iredmail/nginx.conf | |
− | + | mkdir /etc/nginx/sites-enabled | |
− | + | mv nginx.conf /etc/nginx/ | |
− | + | mv nginx-init /etc/init.d/nginx | |
− | + | mv nginx-logrotate /etc/logrotate.d/nginx | |
− | + | chmod 755 /etc/init.d/nginx | |
− | + | update-rc.d nginx defaults | |
− | + | </source> | |
− | + | ||
− | + | iniciando serviços | |
− | |||
− | |||
− | |||
− | |||
− | |||
/etc/init.d/nginx start | /etc/init.d/nginx start | ||
+ | === Instalando versão recente em Ubuntu 18.04 === | ||
+ | |||
+ | em /etc/apt/sources.list.d/nginx.list insira | ||
+ | deb [arch=amd64] http://nginx.org/packages/mainline/ubuntu/ bionic nginx | ||
+ | deb-src http://nginx.org/packages/mainline/ubuntu/ bionic nginx | ||
+ | |||
+ | <source lang="bash"> | ||
+ | sudo wget https://nginx.org/keys/nginx_signing.key | ||
+ | sudo apt-key add nginx_signing.key | ||
+ | sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak | ||
+ | sudo apt-get update | ||
+ | sudo apt-get install nginx | ||
+ | </source> | ||
+ | |||
+ | |||
+ | |||
+ | Referências | ||
+ | * https://www.linuxbabe.com/ubuntu/install-nginx-latest-version-ubuntu-18-04 | ||
+ | * https://www.nginx.com/resources/wiki/start/topics/tutorials/install/ | ||
+ | * https://www.techrepublic.com/article/how-to-install-the-latest-version-of-nginx-on-ubuntu-server-18-04/ | ||
+ | * https://askubuntu.com/questions/1229740/how-to-upgrade-to-latest-stable-nginx-on-ubuntu-18 | ||
+ | * https://www.linuxbabe.com/ubuntu/install-nginx-latest-version-ubuntu-18-04 | ||
+ | |||
+ | == cgi == | ||
+ | para aplicações que ficam em /usr/lib/cgi-bin | ||
+ | |||
+ | <source lang="bash"> | ||
+ | apt-get install fcgiwrap | ||
+ | </source> | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | |||
+ | location /cgi-bin/ { | ||
+ | gzip off; | ||
+ | root /usr/lib; | ||
+ | fastcgi_pass unix:/var/run/fcgiwrap.socket; | ||
+ | include /etc/nginx/fastcgi_params; | ||
+ | fastcgi_param SCRIPT_FILENAME /usr/lib$fastcgi_script_name; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | |||
+ | == com php - spawn-fcgi == | ||
+ | <source lang="bash"> | ||
+ | apt-get install php5-cgi | ||
+ | wget http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz | ||
+ | tar -xf spawn* | ||
+ | cd spawn* | ||
+ | ./configure | ||
+ | make | ||
+ | cp src/spawn-fcgi /usr/bin/spawn-fcgi | ||
+ | wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-bin | ||
+ | wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-init | ||
+ | mv php-fastcgi-bin /usr/bin/php-fastcgi | ||
+ | mv php-fastcgi-init /etc/init.d/php-fastcgi | ||
+ | echo cgi.fix_pathinfo = 1 >> /etc/php5/cgi/php.ini | ||
+ | chmod a+x /usr/bin/php-fastcgi | ||
+ | chmod 755 /etc/init.d/php-fastcgi | ||
+ | update-rc.d php-fastcgi defaults | ||
+ | /etc/init.d/php-fastcgi start | ||
+ | </source> | ||
+ | |||
+ | == com perl == | ||
+ | <source lang="bash"> | ||
+ | apt-get install libfcgi-perl | ||
+ | wget http://pub.nkosi.org/nginx/fastcgi-wrapper.pl-text | ||
+ | wget http://pub.nkosi.org/nginx/perl-fastcgi | ||
+ | mv perl-fastcgi /etc/init.d/ | ||
+ | mv fastcgi-wrapper.pl-text /usr/bin/fastcgi-wrapper.pl | ||
+ | chmod a+x /usr/bin/fastcgi-wrapper.pl | ||
+ | chmod 755 /etc/init.d/perl-fastcgi | ||
+ | update-rc.d perl-fastcgi defaults | ||
+ | /etc/init.d/perl-fastcgi start | ||
+ | </source> | ||
+ | |||
+ | == sintaxe para nginx.conf == | ||
+ | |||
+ | '''em nginx.conf:''' | ||
+ | <source lang="nginx"> | ||
+ | user www-data; | ||
+ | worker_processes 1; | ||
+ | |||
+ | error_log /var/log/nginx/error.log; | ||
+ | pid /var/run/nginx.pid; | ||
+ | |||
+ | events { | ||
+ | worker_connections 1024; | ||
+ | } | ||
+ | |||
+ | http { | ||
+ | include /etc/nginx/mime.types; | ||
+ | default_type application/octet-stream; | ||
+ | |||
+ | access_log /var/log/nginx/access.log; | ||
+ | sendfile on; | ||
+ | keepalive_timeout 65; | ||
+ | tcp_nodelay on; | ||
+ | gzip on; | ||
+ | gzip_http_version 1.0; | ||
+ | gzip_comp_level 2; | ||
+ | gzip_proxied any; | ||
+ | gzip_min_length 1100; | ||
+ | gzip_buffers 16 8k; | ||
+ | gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript image/gif image/jpeg image/png; | ||
+ | gzip_disable "MSIE [1-6].(?!.*SV1)"; | ||
+ | gzip_vary on; | ||
+ | |||
+ | include /etc/nginx/sites-enabled/*; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | '''vhost simples''' - em /etc/nginx/sites-enabled/pub.nkosi.net | ||
+ | <source lang="nginx"> | ||
+ | server { | ||
+ | listen 80; | ||
+ | server_name pub.nkosi.net; | ||
+ | |||
+ | location / { | ||
+ | root /var/www/quijaua.com.br/pub/; | ||
+ | index index.html; | ||
+ | } | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | acrescentando '''log''' | ||
+ | <source lang="nginx"> | ||
+ | access_log /var/log/nginx/quijaua.com.br/pub/access.log; | ||
+ | error_log /var/log/nginx/quijaua.com.br/pub/error.log info; | ||
+ | </source> | ||
+ | |||
+ | e para cada domínio cria o respectivo diretório | ||
+ | <source lang="bash"> | ||
+ | mkdir -p /var/log/nginx/quijaua.com.br/pub/ | ||
+ | </source> | ||
+ | |||
+ | Desativa visualização de .htaccess & .htpassword | ||
+ | <source lang="nginx"> | ||
+ | location ~ /\.ht { | ||
+ | deny all; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | * SSL em [[Certifcado SSL]] e [[Cacert]] | ||
+ | |||
+ | rodando php | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location / { | ||
+ | root /usr/share/apache2/; | ||
+ | index index.php index.html; | ||
+ | } | ||
+ | |||
+ | location ~ \.php$ { | ||
+ | root /usr/share/apache2/; | ||
+ | include fastcgi_params; | ||
+ | fastcgi_pass 127.0.0.1:9000; | ||
+ | fastcgi_index index.php; | ||
+ | fastcgi_param SCRIPT_FILENAME /usr/share/apache2$fastcgi_script_name; | ||
+ | fastcgi_param SERVER_NAME $http_host; | ||
+ | fastcgi_ignore_client_abort on; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | redirecionamento | ||
+ | <source lang="nginx"> | ||
+ | location / { | ||
+ | rewrite ^ https://mail.elegbara.net/webmail permanent; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | ou | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location = /direotorio/login.php { | ||
+ | return 301 http://novoendereco.com.br/login.php; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | |||
+ | listando itens de um diretório - simples | ||
+ | <source lang="nginx"> | ||
+ | location / { | ||
+ | root /var/www/pub/; | ||
+ | autoindex on; | ||
+ | autoindex_exact_size on | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | * http://wiki.nginx.org/HttpAutoindexModule | ||
+ | |||
+ | listando itens de um diretório - fancyindex | ||
+ | baixe o pacote [http://download.snake.de/dist/ngx-fancyindex-0.3.tar.gz ngx-fancyindex-0.3] e acrescente em "configure" --add-module=ngx-fancyindex-0.3 | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location / { | ||
+ | root /var/www/pub/; | ||
+ | fancyindex on; | ||
+ | fancyindex_exact_size off; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | * http://wiki.nginx.org/NgxFancyIndex | ||
+ | |||
+ | rodando perl/cgi | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location ~ ^/cgi-bin/.*\.pl$ { | ||
+ | gzip off; | ||
+ | fastcgi_pass 127.0.0.1:9000; | ||
+ | include fastcgi_params; | ||
+ | fastcgi_index cgi-bin.php; | ||
+ | fastcgi_param SCRIPT_FILENAME /usr/share/apache2/cgi-bin.php; | ||
+ | fastcgi_param SCRIPT_NAME /cgi-bin/cgi-bin.php; | ||
+ | fastcgi_param X_SCRIPT_FILENAME /usr/lib$fastcgi_script_name; | ||
+ | fastcgi_param X_SCRIPT_NAME $fastcgi_script_name; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | * [http://pub.nkosi.org/nginx/cgi-bin.php.txt cgi-bin.php] | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location ~ \.pl$ { | ||
+ | gzip off; | ||
+ | fastcgi_pass 127.0.0.1:8999; | ||
+ | fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin$fastcgi_script_name; | ||
+ | include fastcgi_params; | ||
+ | fastcgi_param SCRIPT_NAME awstats.pl; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | Para deixar publico a pasta /usr/share/doc | ||
+ | <source lang="nginx"> | ||
+ | location /doc { | ||
+ | root /usr/share; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | Ou um arquivo no caminho /srv/hatchepsut/nginx-powered.png | ||
+ | <source lang="nginx"> | ||
+ | location = /nginx-powered.png { | ||
+ | root /srv/hatchepsut; | ||
+ | access_log off; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | Alias | ||
+ | <source lang="nginx"> | ||
+ | location ^~ /phppgadmin { | ||
+ | alias /usr/share/phppgadmin/; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | Reescrita | ||
+ | <source lang="nginx"> | ||
+ | location /old_stuff/ { | ||
+ | rewrite ^/old_stuff/(.*)$ /new_stuff/$1 permanent; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | entrada para log | ||
+ | <source lang="nginx"> | ||
+ | log_format main '$remote_addr - $remote_user [$time_local] $status ' | ||
+ | '"$request" $body_bytes_sent "$http_referer" ' | ||
+ | '"$http_user_agent" "$http_x_forwarded_for"'; | ||
+ | </source> | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | #permite o acesso para o ip | ||
+ | allow 127.0.0.1; | ||
+ | |||
+ | #nega o acesso para todos | ||
+ | deny all; | ||
+ | |||
+ | #permite listar conteúdo da pasta | ||
+ | autoindex on; | ||
+ | |||
+ | #codificação da página | ||
+ | charset utf-8; | ||
+ | charset on; | ||
+ | |||
+ | #não gera log | ||
+ | access_log off; | ||
+ | |||
+ | #expira em 30 dias | ||
+ | expires 30d; | ||
+ | |||
+ | #restrição por senha - htpasswd | ||
+ | auth_basic "Restricted"; | ||
+ | auth_basic_user_file /etc/awstats/webstats.example.com.htpasswd; | ||
+ | |||
+ | client_body_buffer_size 128K; | ||
+ | client_header_buffer_size 128K; | ||
+ | client_max_body_size 1M; | ||
+ | large_client_header_buffers 1 1k; | ||
+ | error_page 404 /404.html; | ||
+ | </source> | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location = /favicon.ico { | ||
+ | log_not_found off; | ||
+ | access_log off; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location = /robots.txt { | ||
+ | allow all; | ||
+ | log_not_found off; | ||
+ | access_log off; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location ~* \.(txt|log)$ { | ||
+ | allow 192.168.0.0/16; | ||
+ | deny all; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location ~* ^.+\.(css|js)$ { | ||
+ | root /folder/to/static/files; | ||
+ | expires 30d; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location ~* \.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|tar|wav|bmp|rtf|swf|ico|flv|txt|xml|docx|xlsx)$ { | ||
+ | root /srv/hatchepsut/; | ||
+ | index index.php; | ||
+ | access_log off; | ||
+ | expires 30d; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | páginas de erro | ||
+ | <source lang="nginx"> | ||
+ | error_page 404 /index.php; | ||
+ | error_page 403 /403.html; | ||
+ | |||
+ | location ^~ /error_images/ { | ||
+ | root /var/www/static_pages/error_pages; | ||
+ | access_log off; | ||
+ | expires 30d; | ||
+ | } | ||
+ | |||
+ | |||
+ | location = /403.html { | ||
+ | root /var/www/static_pages/error_pages; | ||
+ | } | ||
+ | |||
+ | error_page 500 502 503 504 /50x.html; | ||
+ | location = /50x.html { | ||
+ | root /var/www/nginx-default; | ||
+ | } | ||
+ | |||
+ | error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 | ||
+ | 500 501 502 503 504 505 506 507 /error_page.html; | ||
+ | location /error_page.html { | ||
+ | internal; | ||
+ | </source> | ||
+ | |||
+ | userdir | ||
+ | <source lang="nginx"> | ||
+ | location ~ ^/~(.+?)(/.*)?$ { | ||
+ | alias /home/$1/public_html$2; | ||
+ | autoindex on; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | definindo um vhost como padrão do servidor - nginx | ||
+ | <source lang="nginx"> | ||
+ | server { | ||
+ | listen 80 default; | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | == tamanho do arquivo para upload nginx+php-fpm == | ||
+ | acrescente os valores em /etc/php5/fpm/domain.tld.conf | ||
+ | <source lang="php"> | ||
+ | max_execution_time = 240 | ||
+ | upload_max_filesize = 32M | ||
+ | post_max_size = 32M | ||
+ | memory_limit = 32M | ||
+ | </source> | ||
+ | |||
+ | o arquivo de configuração do site /etc/nginx/sites-enabled/domain.tld fica | ||
+ | <source lang="nginx"> | ||
+ | server { | ||
+ | server_name domain.tld www.domain.tld; | ||
+ | root /var/www/project; | ||
+ | index index.html index.php; | ||
+ | client_header_timeout 240; | ||
+ | client_body_timeout 240; | ||
+ | fastcgi_read_timeout 240; | ||
+ | client_max_body_size 32m; | ||
+ | client_body_buffer_size 128k; | ||
+ | |||
+ | location ~ \.php$ { | ||
+ | fastcgi_param PHP_VALUE "upload_max_filesize = 32M \n post_max_size=33M"; | ||
+ | fastcgi_split_path_info ^(.+\.php)(/.+)$; | ||
+ | fastcgi_pass 127.0.0.1:9000; | ||
+ | fastcgi_index index.php ; | ||
+ | include fastcgi_params; | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | } | ||
+ | |||
+ | } | ||
+ | </source> | ||
+ | |||
+ | == arquivos SSI == | ||
+ | |||
+ | <source lang="nginx"> | ||
+ | location /reportagens/ { | ||
+ | ssi on; | ||
+ | ssi_last_modified on; | ||
+ | ssi_min_file_chunk 1k; | ||
+ | ssi_silent_errors off; | ||
+ | # ssi_types text/html; | ||
+ | ssi_value_length 256; | ||
+ | root /var/www/reportagens/public_html/; | ||
+ | index 01.shtml ; | ||
+ | |||
+ | location ~ \.shtml$ { | ||
+ | fastcgi_pass 127.0.0.1:9001; | ||
+ | fastcgi_index index.shtml; | ||
+ | include fastcgi_params; | ||
+ | fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | ||
+ | } | ||
+ | |||
+ | } | ||
+ | </source> | ||
+ | |||
+ | |||
+ | == proxy == | ||
+ | |||
+ | No caso de ter uma aplicação rodando em http://quijaua.net/bantu/galeria ficou assim | ||
+ | |||
+ | ajuste no apache | ||
+ | <source lang="apache"> | ||
+ | <VirtualHost *:81> | ||
+ | ServerName galeriainterna.net | ||
+ | DirectoryIndex index.php | ||
+ | DocumentRoot /var/www/html/galeria/public_html/cms/ | ||
+ | ErrorLog /var/log/apache2/galeria-error.log | ||
+ | CustomLog /var/log/apache2/galeria-access.log common | ||
+ | </VirtualHost> | ||
+ | </source> | ||
+ | |||
+ | altere em 80 para 81 em /etc/apache2/ports.conf | ||
+ | sed 's/80/81/g' /etc/apache2/ports.conf | ||
+ | |||
+ | |||
+ | ajuste no nginx | ||
+ | <source lang="nginx"> | ||
+ | server { | ||
+ | listen 80; | ||
+ | server_name quijaua.net; | ||
+ | root /var/www/html/galeria/public_html/cms; | ||
+ | |||
+ | index index.php; | ||
+ | access_log /var/log/nginx/galeria.access.log main; | ||
+ | error_log /var/log/nginx/galeria.error.log info; | ||
+ | |||
+ | location /bantu/galeria { | ||
+ | proxy_set_header X-Real-IP $remote_addr; | ||
+ | proxy_set_header X-Forwarded-For $remote_addr; | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_pass http://galeriainterna.net:81; | ||
+ | } | ||
+ | } | ||
+ | </source> | ||
+ | |||
+ | == gzip == | ||
+ | <source lang="nginx"> | ||
+ | gzip on; | ||
+ | gzip_vary on; | ||
+ | gzip_proxied any; | ||
+ | gzip_comp_level 6; | ||
+ | gzip_buffers 16 8k; | ||
+ | gzip_http_version 1.1; | ||
+ | gzip_types image/svg+xml text/plain text/xml text/css text/javascript application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript application/x-font-ttf application/vnd.ms-fontobject font/opentype font/ttf font/eot font/otf; | ||
+ | </source> | ||
+ | |||
+ | fonte https://www.wpfastestcache.com/tutorial/how-to-enable-gzip-on-nginx/ | ||
− | [[Categoria: | + | [[Categoria:Servidor]] |
Edição atual tal como às 00h22min de 27 de novembro de 2020
instalando Nginx
apt-get install libpcre3-dev libssl-dev build-essential
cd /usr/src
wget -c http://nginx.org/download/nginx-0.8.54.tar.gz
tar zxvf nginx-0.8.54.tar.gz
cd nginx-0.8.54/
./configure --prefix=/usr/local/nginx --user=www-data --group=www-data \
--without-mail_pop3_module --without-mail_imap_module --with-sha1=/usr/lib \
--without-mail_smtp_module --with-http_stub_status_module \
--with-http_ssl_module --http-log-path=/var/log/nginx/access.log \
--conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid \
--with-http_sub_module --with-http_ssl_module --with-http_gzip_static_module \
--with-http_stub_status_module
make
make install
cd /usr/src
wget http://pub.nkosi.org/nginx/iredmail/nginx-init
wget http://pub.nkosi.org/iredmail/nginx-logrotate
wget http://pub.nkosi.org/iredmail/nginx.conf
mkdir /etc/nginx/sites-enabled
mv nginx.conf /etc/nginx/
mv nginx-init /etc/init.d/nginx
mv nginx-logrotate /etc/logrotate.d/nginx
chmod 755 /etc/init.d/nginx
update-rc.d nginx defaults
iniciando serviços
/etc/init.d/nginx start
Instalando versão recente em Ubuntu 18.04
em /etc/apt/sources.list.d/nginx.list insira
deb [arch=amd64] http://nginx.org/packages/mainline/ubuntu/ bionic nginx deb-src http://nginx.org/packages/mainline/ubuntu/ bionic nginx
sudo wget https://nginx.org/keys/nginx_signing.key
sudo apt-key add nginx_signing.key
sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
sudo apt-get update
sudo apt-get install nginx
Referências
- https://www.linuxbabe.com/ubuntu/install-nginx-latest-version-ubuntu-18-04
- https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
- https://www.techrepublic.com/article/how-to-install-the-latest-version-of-nginx-on-ubuntu-server-18-04/
- https://askubuntu.com/questions/1229740/how-to-upgrade-to-latest-stable-nginx-on-ubuntu-18
- https://www.linuxbabe.com/ubuntu/install-nginx-latest-version-ubuntu-18-04
cgi
para aplicações que ficam em /usr/lib/cgi-bin
apt-get install fcgiwrap
location /cgi-bin/ {
gzip off;
root /usr/lib;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/lib$fastcgi_script_name;
}
com php - spawn-fcgi
apt-get install php5-cgi
wget http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz
tar -xf spawn*
cd spawn*
./configure
make
cp src/spawn-fcgi /usr/bin/spawn-fcgi
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-bin
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-init
mv php-fastcgi-bin /usr/bin/php-fastcgi
mv php-fastcgi-init /etc/init.d/php-fastcgi
echo cgi.fix_pathinfo = 1 >> /etc/php5/cgi/php.ini
chmod a+x /usr/bin/php-fastcgi
chmod 755 /etc/init.d/php-fastcgi
update-rc.d php-fastcgi defaults
/etc/init.d/php-fastcgi start
com perl
apt-get install libfcgi-perl
wget http://pub.nkosi.org/nginx/fastcgi-wrapper.pl-text
wget http://pub.nkosi.org/nginx/perl-fastcgi
mv perl-fastcgi /etc/init.d/
mv fastcgi-wrapper.pl-text /usr/bin/fastcgi-wrapper.pl
chmod a+x /usr/bin/fastcgi-wrapper.pl
chmod 755 /etc/init.d/perl-fastcgi
update-rc.d perl-fastcgi defaults
/etc/init.d/perl-fastcgi start
sintaxe para nginx.conf
em nginx.conf:
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
keepalive_timeout 65;
tcp_nodelay on;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript image/gif image/jpeg image/png;
gzip_disable "MSIE [1-6].(?!.*SV1)";
gzip_vary on;
include /etc/nginx/sites-enabled/*;
}
vhost simples - em /etc/nginx/sites-enabled/pub.nkosi.net
server {
listen 80;
server_name pub.nkosi.net;
location / {
root /var/www/quijaua.com.br/pub/;
index index.html;
}
}
acrescentando log
access_log /var/log/nginx/quijaua.com.br/pub/access.log;
error_log /var/log/nginx/quijaua.com.br/pub/error.log info;
e para cada domínio cria o respectivo diretório
mkdir -p /var/log/nginx/quijaua.com.br/pub/
Desativa visualização de .htaccess & .htpassword
location ~ /\.ht {
deny all;
}
- SSL em Certifcado SSL e Cacert
rodando php
location / {
root /usr/share/apache2/;
index index.php index.html;
}
location ~ \.php$ {
root /usr/share/apache2/;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/apache2$fastcgi_script_name;
fastcgi_param SERVER_NAME $http_host;
fastcgi_ignore_client_abort on;
}
redirecionamento
location / {
rewrite ^ https://mail.elegbara.net/webmail permanent;
}
ou
location = /direotorio/login.php {
return 301 http://novoendereco.com.br/login.php;
}
listando itens de um diretório - simples
location / {
root /var/www/pub/;
autoindex on;
autoindex_exact_size on
}
listando itens de um diretório - fancyindex baixe o pacote ngx-fancyindex-0.3 e acrescente em "configure" --add-module=ngx-fancyindex-0.3
location / {
root /var/www/pub/;
fancyindex on;
fancyindex_exact_size off;
}
rodando perl/cgi
location ~ ^/cgi-bin/.*\.pl$ {
gzip off;
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_index cgi-bin.php;
fastcgi_param SCRIPT_FILENAME /usr/share/apache2/cgi-bin.php;
fastcgi_param SCRIPT_NAME /cgi-bin/cgi-bin.php;
fastcgi_param X_SCRIPT_FILENAME /usr/lib$fastcgi_script_name;
fastcgi_param X_SCRIPT_NAME $fastcgi_script_name;
}
location ~ \.pl$ {
gzip off;
fastcgi_pass 127.0.0.1:8999;
fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin$fastcgi_script_name;
include fastcgi_params;
fastcgi_param SCRIPT_NAME awstats.pl;
}
Para deixar publico a pasta /usr/share/doc
location /doc {
root /usr/share;
}
Ou um arquivo no caminho /srv/hatchepsut/nginx-powered.png
location = /nginx-powered.png {
root /srv/hatchepsut;
access_log off;
}
Alias
location ^~ /phppgadmin {
alias /usr/share/phppgadmin/;
}
Reescrita
location /old_stuff/ {
rewrite ^/old_stuff/(.*)$ /new_stuff/$1 permanent;
}
entrada para log
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#permite o acesso para o ip
allow 127.0.0.1;
#nega o acesso para todos
deny all;
#permite listar conteúdo da pasta
autoindex on;
#codificação da página
charset utf-8;
charset on;
#não gera log
access_log off;
#expira em 30 dias
expires 30d;
#restrição por senha - htpasswd
auth_basic "Restricted";
auth_basic_user_file /etc/awstats/webstats.example.com.htpasswd;
client_body_buffer_size 128K;
client_header_buffer_size 128K;
client_max_body_size 1M;
large_client_header_buffers 1 1k;
error_page 404 /404.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~* ^.+\.(css|js)$ {
root /folder/to/static/files;
expires 30d;
}
location ~* \.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|tar|wav|bmp|rtf|swf|ico|flv|txt|xml|docx|xlsx)$ {
root /srv/hatchepsut/;
index index.php;
access_log off;
expires 30d;
}
páginas de erro
error_page 404 /index.php;
error_page 403 /403.html;
location ^~ /error_images/ {
root /var/www/static_pages/error_pages;
access_log off;
expires 30d;
}
location = /403.html {
root /var/www/static_pages/error_pages;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497
500 501 502 503 504 505 506 507 /error_page.html;
location /error_page.html {
internal;
userdir
location ~ ^/~(.+?)(/.*)?$ {
alias /home/$1/public_html$2;
autoindex on;
}
definindo um vhost como padrão do servidor - nginx
server {
listen 80 default;
}
tamanho do arquivo para upload nginx+php-fpm
acrescente os valores em /etc/php5/fpm/domain.tld.conf
max_execution_time = 240
upload_max_filesize = 32M
post_max_size = 32M
memory_limit = 32M
o arquivo de configuração do site /etc/nginx/sites-enabled/domain.tld fica
server {
server_name domain.tld www.domain.tld;
root /var/www/project;
index index.html index.php;
client_header_timeout 240;
client_body_timeout 240;
fastcgi_read_timeout 240;
client_max_body_size 32m;
client_body_buffer_size 128k;
location ~ \.php$ {
fastcgi_param PHP_VALUE "upload_max_filesize = 32M \n post_max_size=33M";
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php ;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
arquivos SSI
location /reportagens/ {
ssi on;
ssi_last_modified on;
ssi_min_file_chunk 1k;
ssi_silent_errors off;
# ssi_types text/html;
ssi_value_length 256;
root /var/www/reportagens/public_html/;
index 01.shtml ;
location ~ \.shtml$ {
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.shtml;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
proxy
No caso de ter uma aplicação rodando em http://quijaua.net/bantu/galeria ficou assim
ajuste no apache
<VirtualHost *:81>
ServerName galeriainterna.net
DirectoryIndex index.php
DocumentRoot /var/www/html/galeria/public_html/cms/
ErrorLog /var/log/apache2/galeria-error.log
CustomLog /var/log/apache2/galeria-access.log common
</VirtualHost>
altere em 80 para 81 em /etc/apache2/ports.conf
sed 's/80/81/g' /etc/apache2/ports.conf
ajuste no nginx
server {
listen 80;
server_name quijaua.net;
root /var/www/html/galeria/public_html/cms;
index index.php;
access_log /var/log/nginx/galeria.access.log main;
error_log /var/log/nginx/galeria.error.log info;
location /bantu/galeria {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://galeriainterna.net:81;
}
}
gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types image/svg+xml text/plain text/xml text/css text/javascript application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript application/x-font-ttf application/vnd.ms-fontobject font/opentype font/ttf font/eot font/otf;
fonte https://www.wpfastestcache.com/tutorial/how-to-enable-gzip-on-nginx/