[Web server] Tổng hợp các nginx virtualhost content HTTP, HTTPS
ln -s /etc/nginx/sites-available/virtualhost1 /etc/nginx/sites-enabled/virtualhost1Sau đây là một số file virtualhost mình đang sử dụng cho các trường hợp khác nhau và sẽ được cập nhật cho phù hợp theo kinh nghiệm quản trị.
1. Site in folder:
Virtualhost này sẽ chạy domain demo1.chungkol.com và demo2.chungkol.com cho source đặt trong folder /usr/share/nginx/www,
Các lỗi 502, 503, 504 sẽ được customize về file /var/www/50x/index.html
server {2. HTTP proxy_pass to HTTP site (Reverse proxy)
listen 80;
server_name demo1.chungkol.com demo2.chungkol.com;
root /usr/share/nginx/www;
index index.html index.htm;
}
error_page 502 503 504 /50x.html;
location /50x.html {
root /var/www/50x;
}
server {3. HTTPS proxy_pass to HTTP site (Reverse proxy)
listen 80;
server_name demo1.chungkol.com demo2.chungkol.com;
root /usr/share/nginx/www;
index index.html index.htm;
location / {
proxy_pass http://172.16.1.151:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_max_temp_file_size 0;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}
server {4. Loadbalancer:
listen 443;
server_name demo1.chungkol.com demo2.chungkol.com;
ssl on;
ssl_certificate /etc/nginx/ssl/star_chungkol_com.crt;
ssl_certificate_key /etc/nginx/ssl/star_chungkol_com.key;
fastcgi_param HTTPS off;
fastcgi_param HTTP_SCHEME https;
location / {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
proxy_pass http://172.16.1.151:8080;
proxy_connect_timeout 15;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect http:// https://;
}
}
upstream chungkol_nlb{
server 172.16.1.151:8080 fail_timeout=10s max_fails=2 weight=5;
server 172.16.1.152:8080 fail_timeout=10s max_fails=2;
}
server {
listen 80;
server_name demo1.chungkol.com demo2.chungkol.com;
root /usr/share/nginx/www;
index index.html index.htm;
location / {
proxy_pass http://chungkol_nlb;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_max_temp_file_size 0;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}
5. PHP trong nginx:
- Cài đặt các gói cần thiết:
sudo apt-get install php5-cgi php5-mysql php5-curl php5-mcrypt php5-gd php-pear php5-dev php5-fpm- Virtualhost mẫu:
server {
listen 80;
root /data/drupal;
index index.php index.html index.htm;
server_name chungkol.com;
location ~ \.php$ {
error_page 418 = @rewrite;
recursive_error_pages on;
fastcgi_split_path_info ^[^=](.+\.php)(/.+)$;
include fastcgi_params;
if ( $uri = /index.php ) {
# not sure this conditional works, will have to check the debug logs
break;
}
if ( !-e $document_root$fastcgi_script_name) {
return 418;
}
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
fastcgi_read_timeout 240;
fastcgi_pass 127.0.0.1:9000;
}
}
