Nginx

From XennisWiki
Jump to: navigation, search

Nginx (pronounced "engine x") is a web server with a strong focus on high concurrency, performance and low memory usage. It can also act as a reverse proxy server for HTTP, HTTPS, SMTP, POP3, and IMAP protocols, as well as a load balancer and an HTTP cache. (Wikipedia, Nginx)

Install

apt
sudo apt-get install nginx

Basics

Start, stop and reload service

Further information: Beginner's Guide - Starting, Stopping, and Reloading Configuration

nginx -s stop|quit|reload|reopen

If you stopped Nginx use the following command to start it (maybe sbin instead of bin)

/usr/bin/nginx

Log file location

Log directory: /var/log/nginx/

Create a configuration file for an application

The available sites are in the directory /etc/nginx/sites-available/. To add a new site, add there for instance the file myapp.

Next create a symbolic link of this files in the sites-enabled directory

ln -s /etc/nginx/sites-available/myapp /etc/nginx/sites-enabled/myapp

Basic configure

Define log and alias location

server {
    access_log /webapps/myapp/log/nginx_access.log;
    error_log /webapps/myapp/log/nginx_error.log;

    location /static/ {
        alias /webapps/myapp/static/;
    }
}

The URL localhost/static redirects then to /webapps/myapp/static/.

Maintenance page

When the file maintenance_on.html exists, it get's displayed

server {
    # ...

    location / {
        if (-f webapps/myapp/maintenance_on.html) {
            return 503;
        }

        # ...
    }

    error_page 503 /maintenance_on.html;
    location = /maintenance_on.html {
        root webapps/myapp/;
    }

Advanced configuration

Configure proxy to Jetty

Further information: Java servers like Jetty, GlassFish and Tomcat, How do I configure nginx as proxy to jetty?

/etc/nginx/sites-available/default.conf

server {
    listen       80;
    server_name  example.org;
    root "/usr/share/nginx/html";

    location / {
        proxy_pass       http://localhost:8080;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
    }
}

HTTPS

Create certificate

Further information: Generate private key and certificate signing request

openssl genrsa -des3 -passout pass:x -out server.pass.key 2048
rm server.pass.key
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Configure application (HTTPs)

The certificate file is in this example myapp.crt and key myapp.key

server {
    listen      80;
    server_name example.org;
    rewrite     ^ https://$server_name$request_uri? permanent;
}

server {
    listen              443;
    server_name         example.org;
    ssl on;
    ssl_certificate     /etc/ssl/myapp.crt;
    ssl_certificate_key /etc/ssl/myapp.key;

    # ...
}

Configure application (HTTP and HTTPs)

Listen port 80 and 443

server {
    listen              80;
    listen              443 ssl;
    server_name         example.org;
    ssl_certificate     /etc/ssl/myapp.crt;
    ssl_certificate_key /etc/ssl/myapp.key;

    # ...
}

See also

External links