i need to solve one problem. I have ngnix with public address, and i need to have access to my DB with phpmyadmin in local network by ip. I have configured it at address /usr/share/phpmyadmin following guide. At the moment i can download the php files from this directory but without execution. What i need to do to connect from browser to phpmyadmin?
This is my ngnix config:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.html index.htm;
server_name 192.168.1.101;
location ^~ /permanentmark/ {
alias /usr/share/phpmyadmin/;
index index.php index.html;
location ~ /pma(/.*\.php) {
include fastcgi_params;
fastcgi_param SERVER_NAME localhost;
fastcgi_param SCRIPT_FILENAME /usr/share/phpmyadmin$1;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
}
}
}
we still need is to tell Nginx to use our PHP processor for dynamic content. We do this on the server block level (server blocks are similar to Apache’s virtual hosts). Open the default Nginx server block configuration file by typing:
sudo nano /etc/nginx/sites-available/default
the Nginx default server block file looks like this:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
try_files $uri $uri/ =404;
}
}
We need to make some changes to this file for our site.
First, we need to add index.php as the first value of our index directive so that files named index.php are served, if available, when a directory is requested.
We can modify the server_name directive to point to our server’s domain name or public IP address.
For the actual PHP processing, we just need to uncomment a segment of the file that handles PHP requests by removing the pound symbols (#) from in front of each line. This will be the location ~.php$ location block, the included fastcgi-php.conf snippet, and the socket associated with php-fpm.
We will also uncomment the location block dealing with .htaccess files using the same method. Nginx doesn’t process these files. If any of these files happen to find their way into the document root, they should not be served to visitors.
The changes that you need to make are in the text below:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name server_domain_or_IP;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
When you’ve made the above changes, you can save and close the file.
Test your configuration file for syntax errors by typing:
sudo nginx -t
If any errors are reported, go back and recheck your file before continuing.
When you are ready, reload Nginx to make the necessary changes:
sudo systemctl reload nginx
Related
I am working on Ubuntu 18 and trying to render an HTML page via NGINX. Following this link I did these steps:
Created html directory using sudo mkdir -p /var/www/sample/html
Placed my Web files directory webui under the html above
Created a nginx conf file using sudo vi /etc/nginx/sites-available/sample.conf
Placed below in the sample.conf
server {
listen 80;
listen [::]:80;
root /var/www/sample/html;
index index.html index.htm index.nginx-debian.html;
server_name 123.54.67.235;
location / {
include proxy_params;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://localhost/webui/;
}
location /app {
include proxy_params;
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_pass http://123.54.67.235:7000;
}
}
Created a link from it to the sites-enabled directory using sudo ln -s /etc/nginx/sites-available/sample.conf /etc/nginx/sites-enabled/
Un-commented server_names_hash_bucket_size 64;
Did sudo nginx -t. Got below message:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Did sudo systemctl restart nginx. No error came.
Now when I try to go to http://123.54.67.235 from my browser, I get nginx 500 Internal Server Error.
Not sure what's the mistake I am making as I am very new to and in-experienced with this. Can anyone suggest what's the reason for this?
UPDATE: When I go to my Nginx Error log I see below error there:
2019/05/05 05:52:51 [alert] 29779#29779: *2588 768 worker_connections are not enough while connecting to upstream, client: 123.54.67.235, server: 134.209.113.22, request: "GET /webui/webui/webui/webui/webui/webui/webui/webui/.....
Note: I am using my server's ip address in the server_name field of conf file as I do not have a domain name assigned to my server.
The proxy_pass http://localhost/webui/; statement points into the same server and generates a recursive loop by adding an endless number of /webui/ path elements. The proxy_pass directive is intended for a reverse proxy, and is used to forward requests to some other server.
To serve static content, you should use a root statement.
If the URI /foo should serve the file at /var/www/sample/html/webui/foo, use root /var/www/sample/html/webui;.
For example:
server {
...
root /var/www/sample/html/webui;
...
location / { }
location /app {
include proxy_params;
proxy_...;
proxy_pass ...;
}
}
The location / block is empty.
Currently have a pure HTML website with some embedded JS code to control flow between HTML files along with graph configuration details. The directories are as follows: html, css, fonts, img, js, sound. On my local machine, I can easily open the HTML files and navigate the site. I am using an Ubuntu Amazon EC2 instance with nginx as the reverse proxy. When running a express.js controlled website on the instance I usually just edit the nginx config file and start the app/server.js file. However, I am unsure as to how to do this with a set of static HTML files that have CSS and other assets associated with them. Below is my attempt at writing the nginx file but I'm not sure if what I'm proposing is possible.
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/website-dashboard/;
index index.html;
# Make site accessible from http://localhost/
server_name localhost;
location / {
default_type "text/html";
try_files $uri.html $uri $uri/ /index.html;
access_log off;
}
}
You shouldn't have a problem opening HTML files with NGINX - The question is, considdering you're running NGINX as a reverse proxy, what are you running as your web server?
If you're running Apache then you need to make sure it's running on port 8080 and the below NGINX configuration should meet your requirements.
upstream apachebackend {
server 127.0.0.1:8080; #apachebackend
}
server {
listen 80 default;
server_name www.domain.com domain.com;
access_log /var/log/nginx/domain.com.access.log main;
error_log /var/log/nginx/domain.com.error.log;
root /usr/share/nginx/html;
index index.html index.htm index.php;
## send request back to apachebackend ##
location / {
proxy_pass http://apachebackend;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering on;
proxy_buffers 12 12k;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
If you're running NGINX as your web server then you need to set it up accordingly. The default set-up should suffice, just drop your files in the default vhost directory, but I recommend setting it up correctly using separate directories and log files.
I have a directory/web app that is located outside of the web root directory of my site.
Say the site is here:
/var/www/site/htdocs/
And the external app is located here:
/var/www/apps/coolapp/
My question is how can I configure nginx to map/route all requests that are like www.mysite.com/coolapp/* (asterisk being wildcard) to the external location /var/www/apps/coolapp/? For example, www.mysite.com/coolapp/test.php should server /var/www/apps/coolapp/test.php.
I have added an alias directive in production.conf that the main nginx.conf file includes. This worked fine for everything except .php files because there is another location that is catching .php files instead. So I nested a location in with the alias to catch .php files, but now nginx is telling me it can't find the .php files "404 File Not Found". Here is what production.conf currently looks like
server {
listen 80;
listen 443 ssl;
ssl_certificate /blah/blah/blah;
ssl_certificate_key /blah/blah/blah;
ssl_protocols blah blah blah;
ssl_ciphers blahblahblah;
ssl_prefer_server_ciphers blahblah;
access_log /var/log/nginx/www.mysite.com-access.log;
error_log /var/log/nginx/www.mysite.com-error.log error;
server_name mysite.com www.mysite.com;
root /var/www/site/htdocs;
include conf/magento_rewrites.conf;
include conf/magento_security.conf;
include /var/www/site/nginx/*.conf;
#-------CODE IN QUESTION-------
location /coolapp/ {
alias /var/www/apps/coolapp/;
location ~ \.php {
# Copied from "# PHP Handler" below
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
fastcgi_param HTTPS $fastcgi_https;
rewrite_log on;
# By default, only handle fcgi without caching
include conf/magento_fcgi.conf;
}
}
# PHP handler
location ~ \.php {
## Catch 404s that try_files miss
if (!-e $request_filename) { rewrite / /index.php last; }
## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
fastcgi_param HTTPS $fastcgi_https;
rewrite_log on;
# By default, only handle fcgi without caching
include conf/magento_fcgi.conf;
}
# 404s are handled by front controller
location #magefc {
rewrite ^(.*) /index.php?$query_string last;
}
# Last path match hands to magento or sets global cache-control
location / {
## Maintenance page overrides front controller
index index.html index.php;
try_files $uri $uri/ #magefc;
expires 24h;
}
}
conf/magento_fcgi.conf looks like this:
fastcgi_pass phpfpm;
## Tell the upstream who is making the request
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
# Ensure the admin panels have enough time to complete large requests ie: report generation, product import/export
proxy_read_timeout 1600s;
# Ensure PHP knows when we use HTTPS
fastcgi_param HTTPS $fastcgi_https;
## Fcgi Settings
include fastcgi_params;
fastcgi_connect_timeout 120;
fastcgi_send_timeout 320s;
fastcgi_read_timeout 1600s;
fastcgi_buffer_size 128k;
fastcgi_buffers 512 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors off;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/apps/coolapp$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
# nginx will buffer objects to disk that are too large for the buffers above
fastcgi_temp_path /tmpfs/nginx/tmp 1 2;
#fastcgi_keep_conn on; # NGINX 1.1.14
expires off; ## Do not cache dynamic content
Here are some errors messages I pulled from error.log
2014/02/28 11:10:17 [error] 9215#0: *933 connect() failed (111: Connection refused) while connecting to upstream, ................. client: x.x.x.x, server: mysite.com, request: "GET /coolapp/test.php HTTP/1.1", upstream: "fastcgi://[::1]:9000", host: "www.mysite.com"
2014/02/28 11:10:17 [error] 9215#0: *933 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: x.x.x.x, server: mysite.com, request: "GET /coolapp/test.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.mysite.com"
2014/02/28 11:11:59 [error] 9220#0: *1193 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: x.x.x.x, server: mysite.com, request: "GET /coolapp/test.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "www.mysite.com"
Does anyone see what I'm doing wrong?
This appears to have been fixed in a newer version. As long as SCRIPT_FILENAME is set to $request_filename, it should work as expected. (This differs from previous versions, where $request_filename wouldn't work in all cases.) Additionally, you need to omit any try_files directive in the inner location block. Re-evaluating $uri appears to throw off $request_filename.
Ok, second read after coffee. Get the SCRIPT_FILENAME out of the included fastcgi configuration and set it in both location blocks. If this doesn't fix things then in the coolapp location hardcode the doc root path and see if that fixes things.
I recently wanted to point all subdomains for a test domain, let's say example.com to the localhost. Is there a way to point all requests on *.example.com to resolve to 127.0.0.1
It happens that /etc/hosts file doesn't support wild card entries.
You'll have to use other services like dnsmasq. To enable it in dnsmasq, just edit dnsmasq.conf and add the following line:
address=/example.com/127.0.0.1
use dnsmasq
Assuming that you're using a Debian-based dist(ubuntu, mint..), check if it's installed with
(sudo) systemctl status dnsmasq
If it is just disabled, start it with
(sudo) systemctl start dnsmasq
If you have to install it, write
(sudo) apt-get install dnsmasq
To define domains to resolve edit /etc/dnsmasq.conf like this.
address=/example.com/127.0.0.1
to resolve *.example.com
! You must reload dnsmasq to take effect for the changes !
systemctl reload dnsmasq
Here is the configuration for those trying to accomplish the original goal (wildcards all pointing to same codebase -- install nothing, dev environment ie, XAMPP)
hosts file (add an entry)
file: /etc/hosts (non-windows)
127.0.0.1 example.local
httpd.conf configuration (enable vhosts)
file: /XAMPP/etc/httpd.conf
# Virtual hosts
Include etc/extra/httpd-vhosts.conf
httpd-vhosts.conf configuration
file: XAMPP/etc/extra/httpd-vhosts.conf
<VirtualHost *:80>
ServerAdmin admin#example.local
DocumentRoot "/path_to_XAMPP/htdocs"
ServerName example.local
ServerAlias *.example.local
# SetEnv APP_ENVIRONMENT development
# ErrorLog "logs/example.local-error_log"
# CustomLog "logs/example.local-access_log" common
</VirtualHost>
restart apache
create pac file:
save as whatever.pac wherever you want to and then load the file in the browser's network>proxy>auto_configuration settings (reload if you alter this)
function FindProxyForURL(url, host) {
if (shExpMatch(host, "*example.local")) {
return "PROXY example.local";
}
return "DIRECT";
}
I set up a Vagrant VirtualBox box for Debian Wheezy following this instruction.
I installed nginx and php5-fpm on this virtual machine. I can access my guest machine via 127.0.0.1:8080 from host. It can also serve php files and phpinfo() works correctly, too.
However, when I try to access a remote MySQL server from a php file, the request always times out and I get a 504 Gateway Timeout error.
I noticed the followings.
In my nginx conf file, I have this line fastcgi_pass unix:/var/run/php5-fpm.sock;.
In /etc/php5/fpm/pool.d/www.conf, I have listen = /var/run/php5-fpm.sock.
php5-fpm.sock exists in /var/run/.
If I use 127.0.0.1:9000 instead of the socket, I still get the 504 Gateway Timeout error, but I get the error immediately without any waiting.
I added proxy_read_timeout 300; in my nginx conf, but this did not solve the issue.
My Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
# Every Vagrant virtual environment requires a box to build off of.
config.vm.box = "wheezy32"
config.vm.provision :shell, :path => "dev/bootstrap.sh"
# Create a forwarded port mapping which allows access to a specific port
# within the machine from a port on the host machine. In the example below,
# accessing "localhost:8080" will access port 80 on the guest machine.
config.vm.network :forwarded_port, guest: 80, host: 8080
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network :private_network, ip: "192.168.33.10"
# Create a public network, which generally matched to bridged network.
# Bridged networks make the machine appear as another physical device on
# your network.
# config.vm.network :public_network
end
My nginx conf
server {
root /var/www/sites/mysite/public_html;
index index.html index.htm index.php;
# Make site accessible from http://localhost/
server_name localhost;
access_log /var/www/logs/mysite/mysite.access_log;
error_log /var/www/logs/mysite/mysite.error_log;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.html;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
proxy_read_timeout 300;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}
/var/www/logs/mysite/mysite.error_log
2013/06/16 23:47:27 [error] 2567#0: *23 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 10.0.2.2, server: localhost, request: "GET /test.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock", host: "127.0.0.1:8080"
2013/06/16 23:47:27 [error] 2567#0: *23 rewrite or internal redirection cycle while internally redirecting to "/index.html", client: 10.0.2.2, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "127.0.0.1:8080"
Here is how I attempt to connect to the remote MySQL server.
require_once('/var/www/sites/mysite/includes/db_constants.php');
try {
$dsn = 'mysql:host=172.16.0.51;dbname=' . DB_NAME . ';charset=utf8';
$db = new PDO($dsn,DB_USER,DB_PASS);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
} catch (PDOException $e) {
header('HTTP/1.1 500');
exit;
} catch (Exception $e) {
header('HTTP/1.1 500');
exit;
}
What am I missing?
As #cmur2 said, I was using the private IP to connect to the remove server, and that was why it did not work. I changed it to a public IP and now it is working correctly.