Menu
How can i share common configuration between two servers. My app support both http and https(for few pages) and i am currently using fastcgi_param to save sensitive information like DB name and password. How can i share the location and fastcgi_param for both server(80, 443).
server {
listen 80;
server_name example.com;
}
server {
listen 443 ssl;
server_name example.com;
root /home/forge/example.com/public;
# FORGE SSL (DO NOT REMOVE!)
ssl on;
ssl_certificate /etc/nginx/ssl/example.com/304/server.crt;
ssl_certificate_key /etc/nginx/ssl/example.com/304/server.key;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_param ENV "production";
fastcgi_param DB_HOST "127.0.0.1";
fastcgi_param DB_PASSWORD "123456";
fastcgi_param DB_USERNAME "user";
fastcgi_param DB_NAME "example";
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
conf i want to share:
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_param ENV "production";
fastcgi_param DB_HOST "127.0.0.1";
fastcgi_param DB_PASSWORD "123456";
fastcgi_param DB_USERNAME "user";
fastcgi_param DB_NAME "example";
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
323
Every NGINX configuration file will be found in the /etc/nginx/ directory, with the main configuration file located in /etc/nginx/nginx. conf .
Alternatively, you can also add the 2 server blocks to NGINX's default configuration file at /etc/nginx/nginx. conf if you want to configure multiple host names in NGINX. However, it is advisable to create separate copies for better security & management, if you want to host multiple websites on NGINX.
By using the nginx forward proxy we can masking the location and IP for gaining access to services. Nginx forward proxy will continuing the request on behalf of the client. At the time when the host server will accept the request then only we can see the IP of the nginx proxy server.
Starting from 0.7.14, you can combine HTTP and HTTPS server blocks into single one - much easier to maintain:
server {
listen 80;
listen 443 ssl;
server_name example.com;
...
}
Take a look on http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server for details.
181
In addition to Andrey's answer which should help you immensely.
NGINX also supports an include statement.
You could for example create a common directory (/etc/nginx/common/) and then create /etc/nginx/common/locations.conf. Your locations.conf file would then contain something like,
# NGINX CONFIGURATION FOR COMMON LOCATION
# Basic locations files
location = /favicon.ico {
access_log off;
log_not_found off;
expires max;
}
# Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
add_header "Access-Control-Allow-Origin" "*";
access_log off;
log_not_found off;
expires max;
}
# Security settings for better privacy
# Deny hidden files
location ~ /\.well-known {
allow all;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Deny backup extensions & log files
location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
deny all;
access_log off;
log_not_found off;
}
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") {
return 403;
}
Then in one of your site configuration files you just use include common/locations.conf; to include the locations file. For example,
server {
listen 80;
listen 443 ssl;
server_name example.com;
include common/locations.conf;
...
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
