Hello i have one Linux Server with one Ip-Adress. What i want to do is i want to host 4 or more different Websites/Services on this Server, all these should have https
I know that it is possible to set some websites on different Ports, but i want this.
I read stuff about docker & ngix reverse proxy. Could someone link give me a good explanation.
Thanks
Maty
If you are trying to host 4 different domains on the same server, then
first install NGINX with these commands:
sudo apt update
sudo apt install nginx
Then,
create 4 different domain.conf files in the /etc/nginx/sites-enabled directory. ( here domain can be anything that you can remember to map the sites ).
paste the below code with some modifications:
server{
listen 80 default_server;
listen [::]:80 default_server;
server_name **domain**;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_redirect off;
proxy_pass http://127.0.0.1:**port**/;
proxy_redirect off;
}
}
In the above code, change the domain and port accordingly.
run sudo nginx -t and check if there's any issue raised.
restart the nginx server ( sudo service nginx restart )
Now it should be running on 4 different servers with HTTP
For HTTPS
Install certbot
apt-get update
sudo apt-get install certbot
apt-get install python-certbot-nginx ( try apt-get install python-certbot-nginx for Ubuntu 18.04 and later )
Run the following command to generate certificates with the nginx:
sudo certbot --nginx -d domain.com -d www.domain.com
Now if you look at the domain.conf files of /etc/nginx/sites-enabled , you notice the certbot added few lines.
Now restart the nginx server and boom!!!! it works.
Note : you have to purchase those domains with the domain providers.
Hope this helps you!!!
Infact I stucked very much to keep this docs with me previously...
comment if you get any errors or doubts.
Related
I tried to setup the Varnish on the Instance Debian 10 but then something goes wrong and I tried installing some apache2 modules like
sudo a2enmod SSL
sudo a2enmod proxy
sudo a2enmod proxy_balancer
sudo a2enmod proxy_http
But after enabling these modules when I restarted Apache2 I was unable to start the apache because there was something that was blocking port 443 and causing conflict with Apache2. When I removed the port Listen 443 from ports.conf file I was able to start the apache server but only on the 8080 port and on port 80 varnish is running but on the port 443, there is a service called httpd running which I am unable to find out from which config file it is configured.
The content of the ports.conf file is
# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf
Listen 8080
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Screenshot of the ports process running. I am unable to use port 443 and unable to stop that service httpd also. it is not linked with apache2 I tried stopping the apache but this service keeps on running.
httpd
The httpd service usually refers to the Apache webserver. However, if you install Apache on Debian via apt-get install apache2, the actual service is called apache2. This is also reflected in your netstat output.
On Red Hat based system the service is called httpd. Is it possible that you compiled an Apache server from source on that same machine? Or did you accidentally install a package that is httpd-relate?
You can perform a dpkg -l to list the installed packages, maybe you'll find it there.
Anyway, please kill the httpd process and check if there's a systemd service that contains that service name. You can go into /lib/systemd/system and perform a grep httpd *.
What about TLS in Varnish?
You shouldn't enable HTTPS on your system by using mod_ssl. You should install a TLS proxy that terminates the TLS session and then passes the plain HTTP connection to Varnish which in its turn will talk plain HTTP with Apache.
I advise you to use Hitch, it's a TLS proxy that is developed by Varnish Software engineers. It's flexible, powerful and lightweight.
To install Hitch, you can find the official packages here: https://packagecloud.io/varnishcache/hitch.
Here's the documentation you might need: https://github.com/varnish/hitch/tree/master/docs
A Varnish Developer Portal tutorial about Hitch will be available some time next week.
I am working on Ubuntu 18 and trying to render an HTML page via NGINX. Following this link I did these steps:
Created html directory using sudo mkdir -p /var/www/sample/html
Placed my Web files directory webui under the html above
Created a nginx conf file using sudo vi /etc/nginx/sites-available/sample.conf
Placed below in the sample.conf
server {
listen 80;
listen [::]:80;
root /var/www/sample/html;
index index.html index.htm index.nginx-debian.html;
server_name 123.54.67.235;
location / {
include proxy_params;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://localhost/webui/;
}
location /app {
include proxy_params;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://123.54.67.235:7000;
}
}
Created a link from it to the sites-enabled directory using sudo ln -s /etc/nginx/sites-available/sample.conf /etc/nginx/sites-enabled/
Un-commented server_names_hash_bucket_size 64;
Did sudo nginx -t. Got below message:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Did sudo systemctl restart nginx. No error came.
Now when I try to go to http://123.54.67.235 from my browser, I get nginx 500 Internal Server Error.
Not sure what's the mistake I am making as I am very new to and in-experienced with this. Can anyone suggest what's the reason for this?
UPDATE: When I go to my Nginx Error log I see below error there:
2019/05/05 05:52:51 [alert] 29779#29779: *2588 768 worker_connections are not enough while connecting to upstream, client: 123.54.67.235, server: 134.209.113.22, request: "GET /webui/webui/webui/webui/webui/webui/webui/webui/.....
Note: I am using my server's ip address in the server_name field of conf file as I do not have a domain name assigned to my server.
The proxy_pass http://localhost/webui/; statement points into the same server and generates a recursive loop by adding an endless number of /webui/ path elements. The proxy_pass directive is intended for a reverse proxy, and is used to forward requests to some other server.
To serve static content, you should use a root statement.
If the URI /foo should serve the file at /var/www/sample/html/webui/foo, use root /var/www/sample/html/webui;.
For example:
server {
...
root /var/www/sample/html/webui;
...
location / { }
location /app {
include proxy_params;
proxy_...;
proxy_pass ...;
}
}
The location / block is empty.
I have a VM with multiple apps. for example:
32.32.32.01/app1
32.32.32.01/app2
32.32.32.01/app3
I have a domain name from namecheap and I want it to use it only for app1.
so www.mydomain.com should take me to 32.32.32.01/app1.
I created URL Redirect Records on namecheap for both aliases (www and #) but it is not working.
Do I have to also do some configuration at the google cloud side?
You need enter via ssh to the VM, you also need a Apache http server, and create a site: ex:
cd /etc/apache2/sites-available
sudo cp 000-default.conf siteName.conf
sudo nano siteName.conf
Add a configuration (i dont remember the exact config, but this can give you a idea of the file content)
<VirtualHost *:80>
ServerAdmin mail#server.co
ServerName domain.co
ServerAlias www.domain.co
DocumentRoot /var/www/site
...
Save the file and restart apache
sudo a2ensite siteName
sudo service apache2 reload
I followed the instruction at this link to setup Pound load-balancer on my fedora server. Everything works fine. Pound is running on port 80. Now I want to configure Pound on a different port and balance 2 other different backend servers.
I found this other link, which details how to accomplish this. But that tutorial path do not match Fedora 22 paths.
The thing is, I want to either (i)configure Pound on multiple ports which balances different IPs on each port OR (ii) run 2 different instances of Pound with separate config files for each port
Finally figured it out myself.
Initial Setup
Install Pound using the command "sudo yum install Pound".
Start pound and run it once "sudo service pound start".
Check if pound is working fine with 1 instance.
Now stop pound service before moving on to creating multiple instance "sudo service pound stop"
Step 1
Create pound config files for each instance separately. The default file will be at /etc/pound.cfg
sudo cp -p /etc/pound.cfg /etc/pound1.cfg
sudo cp -p /etc/pound.cfg /etc/pound2.cfg
Step 2
Create dummy pid files for each instance separately. The default file will be at /var/run/pound.pid
sudo cp -p /var/run/pound.pid /var/run/pound1.pid
sudo cp -p /var/run/pound.pid /var/run/pound2.pid
Step 3
Edit the default configuration file and assign different http port for each instance.
Modify "Control" path and backend servers to load balance for each instance
sudo nano /etc/pound1.cfg
pound1.cfg
User "pound"
Group "pound"
Control "/var/lib/pound/pound1.cfg"
ListenHTTP
Address 0.0.0.0
Port 8879
End
Service
BackEnd
Address 139.16.00.82
Port 8879
End
BackEnd
Address 139.16.00.88
Port 8879
End
End
Edit config for 2nd instance
sudo nano /etc/pound2.cfg
pound2.cfg
User "pound"
Group "pound"
Control "/var/lib/pound/pound2.cfg"
ListenHTTP
Address 0.0.0.0
Port 80
End
Service
BackEnd
Address 139.16.00.85
Port 8080
End
BackEnd
Address 139.16.00.86
Port 8080
End
End
Step 4
Copy pound service file to create individual file for each instance. This will be located at /usr/lib/systemd/system/pound.service
sudo cp -p /usr/lib/systemd/system/pound.service /usr/lib/systemd/system/pound1.service
sudo cp -p /usr/lib/systemd/system/pound.service /usr/lib/systemd/system/pound2.service
Edit service file to use appropriate config and pid file
sudo nano /usr/lib/systemd/system/pound1.service
pound1.service
[Unit]
Description=Pound Reverse Proxy And Load-balancer
After=syslog.target network.target
[Service]
Type=forking
PIDFile=/var/run/pound1.pid
ExecStart=/usr/sbin/pound -f /etc/pound1.cfg -p /var/run/pound1.pid
[Install]
WantedBy=multi-user.target
pound2.service
[Unit]
Description=Pound Reverse Proxy And Load-balancer
After=syslog.target network.target
[Service]
Type=forking
PIDFile=/var/run/pound2.pid
ExecStart=/usr/sbin/pound -f /etc/pound2.cfg -p /var/run/pound2.pid
[Install]
WantedBy=multi-user.target
Step 5
Now reload the systemctl daemon and start running both the services
sudo systemctl daemon-reload
sudo service pound1 start
sudo service pound2 start
If you face any issues, check the status using the below command, which helped me identify some issues
sudo service pound1 status
Note:
I have removed the https config in my cfg files, since i didn't need them
Just add multiple ListenHTTP directives :
ListenHTTP
Address 0.0.0.0
Port 8879
Service
BackEnd
Address 139.16.00.82
Port 8879
End
BackEnd
Address 139.16.00.88
Port 8879
End
End
End
ListenHTTP
Address 0.0.0.0
Port 80
Service
BackEnd
Address 139.16.00.85
Port 8080
End
BackEnd
Address 139.16.00.86
Port 8080
End
End
End
Currently have a pure HTML website with some embedded JS code to control flow between HTML files along with graph configuration details. The directories are as follows: html, css, fonts, img, js, sound. On my local machine, I can easily open the HTML files and navigate the site. I am using an Ubuntu Amazon EC2 instance with nginx as the reverse proxy. When running a express.js controlled website on the instance I usually just edit the nginx config file and start the app/server.js file. However, I am unsure as to how to do this with a set of static HTML files that have CSS and other assets associated with them. Below is my attempt at writing the nginx file but I'm not sure if what I'm proposing is possible.
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/website-dashboard/;
index index.html;
# Make site accessible from http://localhost/
server_name localhost;
location / {
default_type "text/html";
try_files $uri.html $uri $uri/ /index.html;
access_log off;
}
}
You shouldn't have a problem opening HTML files with NGINX - The question is, considdering you're running NGINX as a reverse proxy, what are you running as your web server?
If you're running Apache then you need to make sure it's running on port 8080 and the below NGINX configuration should meet your requirements.
upstream apachebackend {
server 127.0.0.1:8080; #apachebackend
}
server {
listen 80 default;
server_name www.domain.com domain.com;
access_log /var/log/nginx/domain.com.access.log main;
error_log /var/log/nginx/domain.com.error.log;
root /usr/share/nginx/html;
index index.html index.htm index.php;
## send request back to apachebackend ##
location / {
proxy_pass http://apachebackend;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering on;
proxy_buffers 12 12k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
If you're running NGINX as your web server then you need to set it up accordingly. The default set-up should suffice, just drop your files in the default vhost directory, but I recommend setting it up correctly using separate directories and log files.