Linux.nginx: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Root (Diskussion | Beiträge) |
Root (Diskussion | Beiträge) |
||
| Zeile 91: | Zeile 91: | ||
wget https://github.com/MatthewVance/nginx-build/raw/master/build-nginx.sh | wget https://github.com/MatthewVance/nginx-build/raw/master/build-nginx.sh | ||
* Stelle im Build-Script sicher, dass openssl 1.1.1 verwendet wird: | |||
# https://github.com/MatthewVance/nginx-build/pull/60/commits/a0454545a8b4129c021dc1fea43f098265bf0352 | |||
chmod 777 build-nginx.sh | chmod 777 build-nginx.sh | ||
./build-nginx.sh | ./build-nginx.sh | ||
Version vom 3. September 2018, 17:02 Uhr
Überblick
- Ich verwendet nginx als HTTP/2 Server auf einem Raspberry Pi
- PHP soll in allen Stufen möglich sein
Authentifizierung
- System-Voraussetzung
apt-get install apache2-utils
- in der Host.conf
auth_basic "Administrator’s Area"; auth_basic_user_file /etc/apache2/.htpasswd;
- in der Kommandozeile
htpasswd -bc /srv/ngx/orgamon-2.dyndns.org/.htpasswd username ***pwd***
Stufe 1, :80 HTTP-Server
apt-get install nginx apt-get install php php-fpm
- orgamon-2.dyndns.org
server {
listen 80 default_server;
listen [::]:80 default_server;
root /srv/ngx/orgamon-2.dyndns.org;
index index.html index.htm index.nginx-debian.html;
server_name orgamon-2.dyndns.org;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
Stufe 2, :443 HTTPS-Server (TLS 1.2)
apt-get install certbot certbot certonly
- /etc/nginx/sites-enabled/orgamon-2.dyndns.org
server {
listen 443 ssl default_server;
ssl_protocols TLSv1.2;
root /srv/ngx/orgamon-2.dyndns.org;
index index.html index.htm index.nginx-debian.html;
server_name orgamon-2.dyndns.org;
ssl_certificate /etc/letsencrypt/live/orgamon-2.dyndns.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/orgamon-2.dyndns.org/privkey.pem;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
Stufe 3, :443 HTTP/2 Server mit TLS 1.2
server {
listen 443 ssl http2;
...
Stufe 4, :443 HTTP/2 Server mit TLS 1.3 (only!)
wget https://github.com/MatthewVance/nginx-build/raw/master/build-nginx.sh
- Stelle im Build-Script sicher, dass openssl 1.1.1 verwendet wird:
# https://github.com/MatthewVance/nginx-build/pull/60/commits/a0454545a8b4129c021dc1fea43f098265bf0352
chmod 777 build-nginx.sh ./build-nginx.sh