I have tried to setup nginx on my server but I am unable to create multiple server blocks.
I have created two files : xxx.com and yyy.com in the sites-available folder and symlinked it in the sites-enabled folder. But both domains point to only 1 site. Like opening xxx.com opens yyy.com
For site xxx.com and yyy.com (replace xxx.com with yyy.com), I have following config file in sites-available :
server {
listen 80;
server_name xxx.com www.xxx.com;
root /var/www/xxx.com/public_html;
index index.html index.php index.htm index.nginx-debian.html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$args =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_read_timeout 300;
}
}
for default :
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
#listen 443 ssl http2 default_server;
#listen [::]:443 ssl http2 default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
#include snippets/self-signed.conf;
#include snippets/ssl-params.conf;
#root /var/www/public_html;
# Add index.php to the list if you are using PHP
index index.html index.php index.htm index.nginx-debian.html;
server_name _;
#location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ /index.php?$args;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
# fastcgi_pass unix:/run/php/php7.0-fpm.sock;
# fastcgi_read_timeout 300;
}
}
I have also added entries for thre respective domain in the /etc/hosts and also set nginx.conf server_names_hash_bucket_size 64;.
What could I be missing?
Related
I have an NGINX web server with two domains and it also runs phpMyAdmin.
phpMyAdmin is working fine and I access it through the below non-https url:
public-ip-address/phpMyAdmin
This is how the symbolic link was setup:
sudo ln -s /usr/share/phpmyadmin/ /var/www/html
Is there a way I can point phpMyAdmin to a website's subdirectory?
For example, I would like to access the phpMyAdmin login page by accessing the following URL:
domain1.com/phpMyAdmin/
How can I achieve this? domain1.com has https enabled. So it would also secure my phpMyAdmin login.
The server block is the same as the default block for NGINX. I have created a new config file by copying it to domain.com in the /etc/NGINX/sites-available folder.
The only changes are in the server and root path tags. Rest everything is default.
server domain1.com www.domain1.com;
root /var/www/domain1.com/html/
I am using certbot for Let's Encrypt SSL certificates. My server block config is shared below:
# Server Block Config for domain1.com
server {
root /var/www/domain1.com/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name domain1.com www.domain1.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain1.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain1.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.domain1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name domain1.com www.domain1.com;
return 404; # managed by Certbot
}
Contents of /etc/nginx/snippets/fastcgi-php.conf:
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
include fastcgi.conf;
Here is the location block that should work for you (at least the similar config works for me):
location ~* ^/phpmyadmin(?<pmauri>/.*)? {
alias /usr/share/phpmyadmin/;
index index.php;
try_files $pmauri $pmauri/ =404;
location ~ \.php$ {
include fastcgi.conf;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$pmauri;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
}
Place it before the default PHP handler location block, or the default PHP handler block will take precedence and this configuration won't work!
You can simply add another symlink to the domain1.com root, while keeping everything else same, like you did for the default domain.
sudo ln -s /usr/share/phpmyadmin/ /var/www/domain1.com/html
Am I missing something?
I came to this thread while looking for a solution to another problem (Nginx alias breaks due to try_files $uri alias bug) but since you are already using symlink to phpmyadmin for the site you access through IP, you can do the same for any domain.
I have setup an NGINX server with multiple server blocks. I have configured 2 simple websites to run on the same server. They point to two different root paths specified in the respective server block file.
I have updated the DNS details for both the domains:
Name Servers: updated details as per registrar
A records: updated same static IP address
However, when I test with domain2.com in the browser, it redirects to domain1.com. What am I doing wrong? I have already restarted the nginx server using:
sudo systemctl restart nginx
This is how my server block looks like:
# Default server configuration
#
server {
root /var/www/domain1.com/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name domain1.com www.domain1.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain1.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain1.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.domain1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain1.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name domain1.com www.domain1.com;
return 404; # managed by Certbot
}
This is my second server block file:
# Default server configuration
#
server {
listen 80;
listen [::]:80;
root /var/www/domain2.com/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name domain2.com www.domain2.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
Your server block configuration files are perfect. Do not change anything. Let me explain what is happening. Your server block indicates that you installed certbot, probably for deploying Lets Encrypt SSL certificates for domain1.com whereas the server block for domain2.com does not have any entry managed by certbot yet. This probably means that you are using ssl certificates for domain1.com but not for domain2.com.
At the time of configuring SSL certificates for domain1.com, you probably selected the option of redirecting all traffic to SSL. Whats happening is that when the dns servers send a request for domain2.com to your web server, it expects an SSL certificate for that domain but finds none. It then redirects all traffic to the existing domain which has a valid SSL certificate installed.
However, the domain name on the certificate (domain1.com) shall not match the information passed on by the DNS server for domain2.com. Hence, it shall, in all likelihood, throw an error or warning message regarding invalid SSL certificates.
Solution: Install a new SSL certificate for domain2.com just like you did for domain1.com and everything should work fine.
Let me know if it works.
I have five domains i am trying to setup on nginx installation
This is what i found as default conf
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
#try_files $uri $uri/ =404;
# }
#}
I want to remove the comments and default conf and replace it with numbered conf files like
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name first.com www.first.com;
root /var/www/first;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
one.conf and two.conf
server {
listen 80;
listen [::]:80;
server_name second.com www.second.com;
root /var/www/second;
index index.html;
location / {
try_files $uri $uri/ =404;
}
}
Granted i delete the default conf, what is the effect of leaving out default_server in the one.conf conf?
Thanks.
Nginx always has a default server. It is either the one you choose with the default_server attribute, otherwise Nginx will use the first server block with the correct listen directive. See this document for details.
In your case, the first server block will be in the first .conf file, which is usually the one with the first filename when sorted alphanumerically.
I was already using nginx default configuration settings along with wsgi for flask deployment.
Now , I am trying to handle https requests on production server. For this had mapped IP to a domain(lets say www.server_name.co) and followed how-to-install-nginx-on-ubuntu-18-04 to do the necessary configuration as per.
While testing configuration using sudo nginx -t it gives following error.
ginx: [warn] conflicting server name "www.server_name.co" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.server_name.co" on [::]:80, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Followed various link related to this issue on stack overflow and also checked the default configuration /etc/nginx/sites-available/default and commended default server blocks and restarted the nginx server and tested again sudo nginx -t . Still it is giving same error.
Here is my configuration files of /etc/nginx/sites-available/default after adding configuration for www.server_name.co
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
#index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
server {
listen 80 ;
listen [::]:80 ;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name www.server_name.co; # managed by Certbot
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.server_name.co/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.server_name.co/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
Can anybody help me setup https nginx deployments? Any leads highly appreciated. Thanks.
I am having a bit of an issue at the moment with the nginx. No matter what config I make, I will get 404 page.
I am following instructions for setting up nginx for laravel.
Folder where the project is located is /var/www/smuvajse, and main index.php is located into public folder (full path would be /var/www/smuvajse/public)
This is my config file:
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/smuvajse/public;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name ip_of_the_instac;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
# fastcgi_pass unix:/run/php/php7.0-fpm.sock;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
change try_files $uri $uri/ =404; to try_files $uri $uri/ /index.php?q=$uri&$args; and reload nginx and it should solve the issue.