nginx Windows: setting up sites-available configs - windows

I'm trying to set up Nginx on my Windows development environment. I can't find how to create something similar to "sites-enabled" on Linux where Nginx would look for (links to) active virtual host configurations.
Is there a way to do something similar with a directory with shortcuts to the actual configuration files and Nginx scanning that directory? Or is there another way to hook up a virtual host configuration other than copying the host configuration to nginx.conf?

In windows you have to give full path of the directory where the config files are located. There are two files to update: nginx.conf, which tells nginx where to find web sites, and localhost.conf, which is the configuration for a web site.
It is assumed that nginx is installed in C:\nginx. If the installation directory is at another path, you will have to update that path accordingly, wherever it appears in the following two configuration files.
nginx.conf
Location: C:\nginx\conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#to read external configuration.
include "C:/nginx/conf/sites-enabled/*.conf";
}
localhost.conf
Location: C:\nginx\conf\sites-enabled
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}

The "sites-enabled" approach as used by some Linux packages of nginx utilize include directive, which understands shell wildcards, see http://nginx.org/r/include. You may use it in your own config as well, e.g.
http {
...
include /path/to/sites/*.conf;
}
Note though that such approach might be very confusing (in particular, it would be hard to tell which server{} is the default one unless you use default_server explicitly).

The following worked for me but only AFTER I moved my main nginx exe folder from c:/Program Files (x86)/nginx-1.7.0 to c:/nginx-1.7.0 (because I think it doesn't handle spaces in file paths well):
http {
...
include "f:/code/mysite/dev-ops/nginx/dev/mysite.conf";
}

Till the time of writing this answer (7 Jan 2022) non of the other answers fully answer this question.
Wildcards (include a/*.b) just include a list of vhosts which cannot be disabled/enabled. sites-enabled and sites-available is about being able to disable a vhost without deleting the corresponding config file.
Nginx has only one config file (nginx.conf), which in turn includes other files. The ability to include files is what led to enabled/available design.
So the directory structure goes as follows:
conf // or whatever
|__nginx.conf
|__sites-enabled
|____default // symlink to sites-available/default.conf
|__sites-available
|____default.conf // You can omit the extension but I just like it
|____whatever.conf
|____some vhost.conf
|____another vhost.conf
|____disabled vhost.conf
|____other config files ...
# nginx.conf
http {
# ...
include path/to/sites-enabled/*; # include the enabled ones
}
In windows (cmd) you do:
mklink Link Target
# for example
mklink default X:/path/to/nginx/conf/sites-available/default.conf
Many think that windows doesn't have symlinks, it does :-)
I use a slightly more complex config directory structure, for development:
conf/
|__nginx.conf
|__sites-enabled/
|____some-site // sites-available/some-site/{env} where {env} is either dev or prod
|__sites-available/
|____some-site/
|______prod.conf
|______dev.conf
|______dev/
|________www.conf // vhost (server {}) for the www subdomain
|________api.conf // same as above but for the api subdomain
|________root.conf // vhost for the top level domain (e.g example.com without any subdomain prefix)
|______prod/
|________www.conf
|________api.conf
|________root.conf
|______snippets/
|________http.conf // listen on ipv4 80/ipv6 80 and redirect http to https
|________https.conf // listen on ipv4 443 ssl/ipv6 443 ssl and `include`s ssl.conf
|________ssl.conf // ssl config, pay attention to permission

You can include your config with a relative path in your nginx.config (the relative path is just the path of the config file itself in contrast to the logs path for example):
http {
include mime.types;
default_type application/octet-stream;
include ../sites-enabled/*.conf;
...
}

Related

how can i set was: SpringBoot(tomcat) + web: nginx(bring the thymeleaf resource files from was) on docker in linux

It was a project with a base of springboot + thymeleaf.
I want to use the web server by using nginx to place the resource files of thymeleaf on the web server.
Running nginx and spring boot project (WAS) with docker container.
nginx uses a port number of 8003:80 and WAS 8002:8080.
At this time, I want to know the settings of nginx.conf and the settings of the application.yml file of WAS.
In the linux environment, there is a situation where mapping is not working properly depending on whether or not thymeleaf is "/", so I want to solve this.
The settings for nginx.conf are as follows.
server {
listen 80;
location / {
proxy_pass http://ipaddr:8002;
...
}
location /templates {
root /usr/resources/templates;
}
location /css/ {
alias /usr/resources/static;
}
}
The application.yml setting for WAS is as follows.
thymeleaf:
prefix: /usr/resources/templates/
suffix: .html
Some are omitted, but by default, they refer to the directory in the same way as above.
When you run each server, the was server and nginx seem to be calling normally, but they don't seem to map the screen that will eventually be displayed properly.
[TemplatesInputException: Error resolving template [common/pagename], template might not exist or might not be accessible by any of the configured Template Resolves]
An error is occurring. Please Help me.
I tried to modify the nginx.conf file in nginx and the application.yml file in was server in many ways.

How can I move a validation into a common file and import it?

I have multiple virtual hosts, managed by Nginx.
I received a ticket which asks me to validate the value of a request header for some virtual hosts and refuse serving requests if the header is absent or invalid. This is what I have added to each of the virtual hosts:
location / {
if ($http_my_request_header_name != "<mytoken>") {
return 406;
}
}
And this is working as expected. However, I intend to make this solution more elegant and create a new config file, called common.conf, and, instead of pasting the same code into all virtual hosts, include this common file, as:
include conf.d/common.conf;
Yet, my tries were all failing:
First attempt
Pasting the if conditional and leave the location directive in the virtual host, which would include the file. The error I received was telling me in the logs that I cannot have an if by itself in the file.
Second attempt
I have moved the whole
location / {
if ($http_my_request_header_name != "<mytoken>") {
return 406;
}
}
into the common file and replaced it with the include at the virtual host configs. The error I received was telling me that I need to wrap a server directive around the location directive.
Third attempt
I have wrapped a server directive around my location directive, but that errored out as well. I no longer have the error, because I destroyed the server since then and recreated it. But if the exact error message is needed, let me know, I will reproduce it and share it here then.
Question
How can I create a common config file that would validate for a request header and include it into multiple virtual host configs?
EDIT
In view of Rahul Sharma's answer, I'm providing further information of the current try. This is how the main conf looks alike currently:
server {
...
include conf.d/common.conf;
...
}
and the include is a direct child of the server directive, that is, nothing else is wrapped around the include. Earlier, instead of the include` line, the main conf had its content, like
server {
...
location / {
if ($http_my_request_header_name != "<mytoken>") {
return 406;
}
}
...
}
and it worked. I have literally moved the location / to the common.conf file and replaced it with the include. So, Nginx dislikes my other file for some reason. This is why it was strange to me and this is what led me to ask this question.
I assume the contents of your conf.d/common.conf file is:
location / {
if ($http_my_request_header_name != "<mytoken>") {
return 406;
}
}
The error
"location" directive is not allowed here in /etc/nginx/conf.d/common.conf
is because probably your include statement inside the main nginx.conf is misplaced. The line include conf.d/common.conf; should be inside a server block for this to work like this:
server {
...
...
include conf.d/common.conf;
...
...
}
It turned out that in nginx.conf there was a line of
include /etc/nginx/conf.d/*.conf;
which included common.conf at another place that I was not aware of and in that second place the code inside common.conf was invalid.

Where should the passwords file be located for nginx

I am following the elasticsearch nginx integration tutorial for windows. I have generated the password using openssl.
The question is what should be the extension for the passwords file and where should it be placed.
I keep getting this error message but it is very unclear to me what exactly the issue is
C:\Program Files\nginx-1.12.1\nginx-1.12.1>nginx -s reload nginx:
[error] OpenEvent("Global\ngx_reload_4428") failed (2: The system
cannot find the file specified)
Currently, the file is present inside the configs directory
events {
worker_connections 1024;
}
http {
upstream elasticsearch {
server 127.0.0.1:9200;
}
server {
listen 8080;
auth_basic "Protected Elasticsearch";
auth_basic_user_file passwords;
location / {
proxy_pass http://elasticsearch;
proxy_redirect off;
}
}
}
You have to specify full path for the password file location:
location / {
auth_basic "Secure Area (or whatever description you want)";
auth_basic_user_file /etc/nginx/auth/nginx.passwd;
... (other settings)
}
The example above works on Unix/Linux servers running nginx. Since you're running Windows I suppose you have to specify full path like C:\Program Files\nginx-1.12.1\nginx-1.12.1\nginx.passwd
Depending what exactly you want to restrict you might need to place the rule inside or outside of the location / {} block. Supposing you need to allow full access to your server/site and only restrict let's say /private then you will add the basic auth in:
location /private {
...
}

Nginx serve images from multiple static directories under one alias

I am making transition from apache to nginx, and i can not get the alias to serve images. Reading nginx documentation, diving in google and what not have not yielded any acceptable results for me ;(
The images is located C:/xampp/htdocs/content/XYZ/thumbn/image.jpg
the XYZ part is dynamic and changes.
Nginx is set up to serve content from root C:/nginx/public_html/domain.dev/
In the apache i had simply made Alias /CDN "C:\xampp\htdocs\content"
So that way when ever i request www.domain.dev/CDN/XYZ/thumbn/image.jpg i would get the image from the alias directory.
So im trying to replicate the same in nginx
location /CDN {
alias C:/xampp/htdocs/content;
autoindex on; # just there to see if it works.
}
Unfortunately when i access the image www.domain.dev/CDN/XYZ/thumbn/image.jpg i get 404. In the Nginx logs i see following record :
2017/07/04 16:43:32 [error] 10532#6488: *4 CreateFile() "C:/nginx/public_html/domain.dev/CDN/XYZ/thumbn/two.jpg" failed (3: The system cannot find the path specified), client: 127.0.0.1, server: www.domain.dev, request: "GET /CDN/XYZ/thumbn/two.jpg HTTP/1.1", host: "www.domain.dev"
it is how ever listing the directory contents.
Now if i change the location block to this
location ^~ /CDN/ {
alias C:/xampp/htdocs/content/;
}
I get the same error in log, only way i managed to get it working (but not in the way i need) was when i use this location block
location ^~ /CDN/ {
alias C:/xampp/htdocs/content/XYZ/thumbn/;
}
Then it is showing the image, but the url for the image is different and not valid for my project.
Now the question: how do i serve only images from multiple static directories under same alias?
the images are located in following structure
C:/xampp/htdocs/content/one/thumbn/image.jpg
C:/xampp/htdocs/content/two/thumbn/cats.jpg
C:/xampp/htdocs/content/three/thumbn/dogs.jpg
C:/xampp/htdocs/content/another_random_direcotry/thumbn/random.jpg
And they should be accessed by URL as follows
www.domain.dev/CDN/one/thumbn/image.jpg
www.domain.dev/CDN/two/thumbn/cats.jpg
www.domain.dev/CDN/three/thumbn/dogs.jpg
www.domain.dev/CDN/another_random_direcotry/thumbn/random.jpg
Is this even possible with Nginx? so how do i achieve this? Is regex required in this occasion?
full config file here
try this
location /CDN/ {
alias C:/xampp/htdocs/content/;
}
The problem was caused by
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 7d;
}
When i comment out this location directive i can access the images from alias directory.
This how ever removes expiration header for images and with this enabled i can not access the images.

standard way to disable X-powered-by header in Passenger?

I couldn't find any way to disable Passenger's X-Powered-By header:
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.11
Is it possible to do that without modifying its sources and removing headers on the HTTP server level?
On Apache you can unset headers:
# Hide/Remove the Passenger Headers
Header always unset "X-Powered-By"
Header always unset "X-Runtime"
It will not remove all names (since services such as Plesk will still append their name), but Passenger can be removed this way.
Kudos to John Trupiano:
https://groups.google.com/forum/?fromgroups=#!topic/phusion-passenger/LKAKH0PEyW0
Short answer: YES.
update: 2018
Use proxy_hide_header if downstream, or use more_clear_headers
Original Answer
I leave the fact that I use nginx+passenger .. but you can completely remove them with
remove_header X-Header-Name-To-Remove;
So you can remove both by
server {
...
remove_header X-Powered-By;
remove_header X-Runtime;
...
}
This removes all the headers, it can also be in a location directive instead of server.
..
Here are my common directives, as I leave 'apache prod' equiv on mine.
server {
...
remove_header X-Runtime;
server_tokens off;
passenger_show_version_in_header off;
...
}
Provides a service header like..
Server:nginx + Phusion Passenger
X-Powered-By:Phusion Passenger
This is the closest equiv of apache2 ServerTokens Prod directive that I can do.
Short answer: no.
There is no configuration option in passenger to disable the X-Powered-by, so you need to do one of
filter
edit source
monkeypatch
passenger code:
#RequestHandler::process_request
headers_output = [
STATUS, status.to_i.to_s, CRLF,
X_POWERED_BY, #passenger_header, CRLF
]
#AbstractRequestHandler::initialize
#passenger_header = determine_passenger_header
#AbstractRequestHandler::determine_passenger_header
def determine_passenger_header
header = "Phusion Passenger (mod_rails/mod_rack)"
if #options["show_version_in_header"]
header << " #{VERSION_STRING}"
end
if File.exist?("#{SOURCE_ROOT}/enterprisey.txt") ||
File.exist?("/etc/passenger_enterprisey.txt")
header << ", Enterprise Edition"
end
return header
end
more_clear_headers 'Server' 'X-Powered-By' 'X-Runtime'; works for me as mentioned in http://www.michaelrigart.be/en/blog/nginx-and-passenger-install-in-production-environment.html.
To completely remove X-Powered-By and Server headers from Nginx+Passenger and not just hide versions, add this to your http block in nginx.conf:
server_tokens off;
more_clear_headers Server;
more_clear_headers X-Powered-By;
You could also set your own:
more_set_headers "Server: ACME";
This will work even if passenger_show_version_in_header off; is not set, but it might be smart to add it as well in case.
Remember to restart the server for these to take affect. You should test your config before restart though: sudo nginx -t.
Information via calvin.my

Resources