Nginx

Table of Contents

What is it?

  • Web server and reverse proxy

Directory hierarchy

By the Filesystem Hierarchy Standard, you want your web content to exist in either /var/www/, /srv, /usr/share/www.

nginx.conf

  • Main control point
  • This file reads in all other config files and combines them into a monolithic config file when server starts

Here is an example of a basic nginx.conf.

user  nginx;  # <= specifies the user to run the process under
worker_processes  1;  # <= number of internal processes

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


# this directive/section specifies how Ngin handles connections
events {
    worker_connections  1024;
}


# 
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
               '$status $body_bytes_sent "$http_referer" '
               '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;  # <= added by me, as it's just convention
}

sites-available & sites-enabled

  • Convention which carries over from Apache
  • Used to define configurations different websites being served
  • Create files in sites-available and symbolically link to sites-enabled

conf.d

  • Every file in this dir ending in .conf is read when Nginx is started

Configuration

  • Managed in "blocks"
  • blocks are layered nginx_1637525cf02f6fd6d9c4b23a99fde4e4c0783292.png enclosed blocks inherits from the block the are located in

Server

  • Same as Apache's virtual hosts
  • Specification for individual web sites that the server can host

Pitfalls and Common Mistakes

Check this url out. Especially the following sections:

How-to

Create serve simple website

  1. We put the static files in the dir /var/www/octochain.com/.
  2. Create the nginx config file in the dir /etc/nginx/sites-available/. A very basic such config file:

    server {
        listen 80;
        server_name localhost;  # <= ip to listen to
    
        root /var/www/octochain.com/;  # <= folder to serve files from
        index index.html index.htm;  # <= index.html, if doesn't exists try index.html
    
        location / {
            try_files $uri $uri/ /index.html;
        }
    }
    
  3. Create a symlink to sites-available and put it in the sites-enabled folder under /etc/nginx/
  4. Restart nginx (normally by sudo service nginx restart)

Website with forced HTTPS

server {
 listen 80 default_server;
 listen [::]:80 default_server;
 server_name www.octochain.com octochain.com;
 return 301 https://$server_name$request_uri;
}

server {
   listen 443 ssl;
   server_name octochain.com www.octochain.com;

   ssl_certificate /etc/letsencrypt/live/www.octochain.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/www.octochain.com/privkey.pem;

   root /var/www/octochain.com/;
   index index.html index.htm;

   location / {
try_files $uri $uri/ /index.html;
   }
}

Proxy with forced HTTPS

server {
 listen 80 default_server;
 listen [::]:80 default_server;
 server_name www.octochain.com octochain.com;
 return 301 https://$server_name$request_uri;
}

server {
   listen 443 ssl;
   server_name octochain.com www.octochain.com;

   ssl_certificate /etc/letsencrypt/live/www.octochain.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/www.octochain.com/privkey.pem;

   root /var/www/octochain.com/;
   # index index.html index.htm;

   location / {
# try_files $uri $uri/ /index.html;
proxy_pass          http://localhost:8081;
proxy_read_timeout  90;

proxy_redirect      http://localhost:8081 https://$server_name$request_uri;
   }
}

Appendix A: Words yo

reverse proxy
proxy which retrieves resources on behalf of a client from one or more servers