Nginx: Unterschied zwischen den Versionen
Aus Alexander's Wiki
Admin (Diskussion | Beiträge) |
Admin (Diskussion | Beiträge) |
||
Zeile 1: | Zeile 1: | ||
== Nginx installieren == | == Nginx installieren == | ||
=== Debian / Ubuntu === | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
sudo apt update | sudo apt update | ||
sudo apt install nginx -y | sudo apt install nginx -y | ||
</syntaxhighlight> | |||
=== CentOS === | |||
<syntaxhighlight lang="bash"> | |||
sudo yum install epel-release -y | |||
sudo yum install nginx -y | |||
</syntaxhighlight> | |||
==== Zusätzliche Befehle ==== | |||
Nginx starten und automatisch starten lassen:<syntaxhighlight lang="bash"> | |||
systemctl start nginx | |||
systemctl enable nginx | |||
</syntaxhighlight>Wenn Änderungen in der Konfiguration vorgenommen werden, muss nginx neu gestartet werden:<syntaxhighlight lang="bash"> | </syntaxhighlight>Wenn Änderungen in der Konfiguration vorgenommen werden, muss nginx neu gestartet werden:<syntaxhighlight lang="bash"> | ||
sudo systemctl reload nginx | sudo systemctl reload nginx | ||
Zeile 8: | Zeile 22: | ||
netstat -plntu | netstat -plntu | ||
</syntaxhighlight> | </syntaxhighlight> | ||
== Firewall konfigurieren == | |||
=== UFW Firewall === | |||
<syntaxhighlight lang="bash"> | |||
ufw allow ssh | |||
ufw enable | |||
ufw allow http | |||
ufw allow https | |||
ufw status | |||
</syntaxhighlight> | |||
=== Firewalld === | |||
<syntaxhighlight lang="bash"> | |||
systemctl start firewalld | |||
systemctl enable firewalld | |||
firewall-cmd --add-service=http --permanent | |||
firewall-cmd --add-service=https --permanent | |||
firewall-cmd --reload | |||
firewall-cmd --list-services | |||
</syntaxhighlight>'''ssh ist standardmäßig aktiviert.''' | |||
== letsencrypt installieren == | == letsencrypt installieren == |
Version vom 8. April 2022, 21:48 Uhr
Nginx installieren
Debian / Ubuntu
sudo apt update
sudo apt install nginx -y
CentOS
sudo yum install epel-release -y
sudo yum install nginx -y
Zusätzliche Befehle
Nginx starten und automatisch starten lassen:
systemctl start nginx
systemctl enable nginx
Wenn Änderungen in der Konfiguration vorgenommen werden, muss nginx neu gestartet werden:
sudo systemctl reload nginx
Ports auf den nginx läuft:
netstat -plntu
Firewall konfigurieren
UFW Firewall
ufw allow ssh
ufw enable
ufw allow http
ufw allow https
ufw status
Firewalld
systemctl start firewalld
systemctl enable firewalld
firewall-cmd --add-service=http --permanent
firewall-cmd --add-service=https --permanent
firewall-cmd --reload
firewall-cmd --list-services
ssh ist standardmäßig aktiviert.
letsencrypt installieren
sudo apt install letsencrypt -y
Portweiterleitung:
server {
listen 80;
server_name kluge-pferde.de www.kluge-pferde.de;
return 301 https://www.kluge-pferde.de$request_uri;
}
ssss
server {
listen 443;
server_name kluge-pferde.de;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
rewrite_log on;
root /var/www/app/webroot;
index index.php index.html index.htm;
client_max_body_size 100M;
# Static files.
# Set expire headers, Turn off access log
location ~* \favicon.ico$ {
access_log off;
expires 1d;
add_header Cache-Control public;
}
location ~ ^/(img|cjs|ccss)/ {
access_log off;
expires 7d;
add_header Cache-Control public;
}
# Deny access to .htaccess files,
# git & svn repositories, etc
location ~ /(\.ht|\.git|\.svn) {
deny all;
}
}
Spezielle Anpassungen für CakePHP
# Not found this on disk?
# Feed to CakePHP for further processing!
if (!-e $request_filename) {
rewrite ^/(.+)$ /index.php?url=$1 last;
break;
}
# Pass the PHP scripts to FastCGI server
# listening on 127.0.0.1:9000
# location ~ \.php$ {
# fastcgi_pass unix:/tmp/php.socket;
# #fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_intercept_errors on; # to support 404s for PHP files not found
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# include fastcgi_params;
# }
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
#fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}