How can I add PHP-FPM with nginx? - nginx

Currently I'm using nginx with HHVM but for some reasons HHVM crashs alot
What I'm trying to do is:
Rplace HHVM with php-fpm
OR
Add php-fpm as fallback
PS: I used this to install nginx + HHVM:
https://github.com/facebook/hhvm/wiki/Getting-Started

I have made this simple script to install latest HHVM/Nginx/MySQL, at once, depending on different Ubuntu Distros. Binaries that are used, come from the official repos that the HHVM team uses. Check var/log/hhvm, error.log file and create issue if you think it is a HHVM.
I use HHVM on servers, and it rarely crashes.

Related

Compiling ModSecurity in NGINX OSS

I am trying to compile ModSecurity for the Nginx OSS web server. I have followed all of the instructions from their "Quick Start Guide", but am running into an issue. After linking up the new module, the config test fails.
Error output from /var/log/nginx/error.log is:
2018/02/10 00:47:51 [emerg] 6026#6026: module "/usr/share/nginx/modules/ngx_http_modsecurity_module.so" is not binary compatible in /etc/nginx/modules-enabled/50-mod-http-modsecurity.conf:1
originally the dynamic module was compiled with
sh
./configure --with-compat --add-dynamic-module=../ModSecurity-nginx
but this results in the error.
from what I've read, I need to compile the module with identical options as the existing Nginx instance.
I found the current options using nginx -V, and then re-ran the ./configure using all of the output options, but this gives the same error.
Can anyone point me down the right path here?
Thanks for any help.
UPDATE 10/29/18
It seems the original binary also needs to be compiled with the --with-compat flag. I have submitted a bug report on the issue that can be found here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897926
Maybe it can get some traction.
I had a similar issue. I was using Nginx 1.10.3 which is the default for Debian Stretch. This version does not seem to work with the latest Nginx ModSecurity connector.
I removed the default Nginx version and installed the latest stable Nginx from http://nginx.org/en/linux_packages.html. After that I was able to install and load the ModSecurity module for Nginx without problems. I followed this guide: https://www.linuxjournal.com/content/modsecurity-and-nginx for installing the ModSecurity module for Nginx.
The latest stable version of Nginx which is 1.14.2 supports the --with-compat flag. When compiling Nginx source code make sure to use the same compiler options that were used with your running Nginx. To find out which compile time options were used to build your currently running Nginx, run the command: nginx -V

Installation issues with openresty

My machine has Mac os. In this I have nginx 1.6.x. I initially installed with Homebrew.
I am trying to run a project which in production uses openresty (as it has lua 3rd party modules)
My confusion is regarding which one to install.
Do I need to completely remove nginx and install openresty, as it's documentation says it's a bundle of components,i.e. it will contain nginx?
or
Install new version of nginx with lua 3rd party modules and then install openresty too.
Sorry if there is a or too many typo in my question.
A good link will be helpful as I think I have confused myself enough.
Thanks in Advance.
Openresty is nginx bundled with lua and other 3rd party modules, so having both of them installed on your computer may lead to trouble, for example:
This case can happen if you try to run both of them at the same time: Your nginx conf file can have a server block listening to a port while your openresty also have a server block listening to that block. If nginx is already running, openresty won't be able to run, since the port is already bound.
I installed openresty with a previous installation of nginx and ran into some problems, so i would advise you to save relevant configuration and data from your nginx instalation and removing it.
Installing openresty seems better since besides installing nginx, it will install lua modules and a few more as it is listed on their github.https://github.com/openresty/lua-nginx-module
I don't know how your project is going, but i would suggest moving using openresty, since it will save potential trouble.

Recompile Nginx with additional modules

I installed Nginx via apt-get on Debian a while ago, and I've got a couple of sites live on it. Now I need to install some additional modules, and as I don't want to mess anything up I'd like to double check my process before I perform it. Hopefully this will also help others that are unsure about this part.
As I've understood it I have to do the following to minimize the downtime:
Download the source for Nginx
Add the additional modules with ./configure --additional-module
Compile Nginx with make
Stop the current server (service nginx stop)
Install Nginx with make install
Start the new server (service nginx start)
Or do I have to uninstall Nginx first, as it's not compiled from source at this point?
Having done something similar on Ubuntu before, the installation should overwrite the existing nginx binaries with the newly compiled ones, so long as yes, you ensure nginx isn't running on the system at the time.
I'd recommend trying to install nginx elsewhere on the system, so in case you can't get it to work quickly, you can restart your web server with the old nginx binaries and not have significant downtime.
nginx -V - helpful command which shows options for .\configure which was used to make nginx, which is actually working.
Helpful to get detail imagination about.
apt-get source nginx - to get source
install will automatically substitute actual installed version by new one
Keep also in mind that some nginx-modules can require additional libs on server. geoip module is classical example of it

How to configure additional modules to nginx after installation?

I have installed Nginx in our redhat machine using rpm. Now we want to add nginx-rtmp module, but inorder to add new module as per the document i need to build it by downloading the tar ball. Does it mean that i have to remove the rpm and install it as per the document.
Ref: https://github.com/arut/nginx-rtmp-module/wiki/Getting-started-with-nginx-rtmp
./configure --add-module=/usr/build/nginx-rtmp-module
make
make install
With nginx 1.9.11, it's not necessary to recompile the server, as they added support for dynamic modules. Take a look here:
https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/
Unlike Apache, all modules, including the 3rd party modules, are going to be compiled into nginx. So every time you want to add a new module, you have to recompile nginx.
So yes, you have to install it as per the document. There is no much value of keeping 2 nginx runtimes on the same server any way. So you may also want to remove the previous nginx.
I had a similar problem where the auth-pam module broke after an upgrade. Here's what fixed it for me (debian stretch/sid, nginx 1.10.2):
apt install libnginx-mod-http-auth-pam
ln -s /usr/share/nginx/modules-available/mod-http-auth-pam.conf /etc/nginx/modules-enabled/50-mod-http-auth-pam.conf
The config file contains a single “load_module” directive which tells nginx to dynamically load the module on startup. As jekennedy mentioned, this would only apply to newer versions of nginx that support dynamic module loading.
Yes, you have to uninstall nginx (installed via rpm) and re-install it according to the mentioned document that is from source file. There are some disadvantages of installing nginx using source, like you cannot use nginx as a service. Here, you can find instructions to do same thing with all the functionalities you get while installing nginx using OS-respective packages.
Following the steps in this post from the nginx blog page called "Compilation of Dynamic Modules for NGINX Plus", i could compiled the RTMP módule, downloading the nginx-rtmp-module from Github and import it on my webserver.
Regards.

Forbidden message when serving a sinatra local site using nginx passenger

I've followed the instructions for installing phusion passenger with nginx in ubuntu. I had some issues while installing since I use rvm and I had to install as root and the installer was failing to find rake so i temporarily chmoded /opt to be owned by my user and after installation I resetted ownership to root. I can see nginx welcome page but when I try to visit a sinatra app I get forbidden, the virtual host is pointed to the sinatra app public dir and the permissions for the whole app are 777.
Try Passenger 3. It automatically detects most permission problems and tells you how to fix them.
If this is for a production system, you really don't need the flexibility of RVM as you should be using a single stable version of Ruby and Rails for Phusion. Install the version you need, using Aptitude if that version is available, and be done with it.
Because this is the page that Google brought me to for my issue, which isn't a Passenger issue, but a Nginx reverse-proxy issue, you need to add the line
disable :protection
somewhere in your sinatra app. I have mine at the very end, outside any method (in global scope).
Well my mistake was not using rvmsudo to install nginx with passenger, instructions here: http://rvm.io/integration/passenger/.

Resources